On October 1, 2014, ADBC member, King & Spalding, and the Information Technology Industry Council (ITI) hosted the “2014 Cybersecurity Summit: Risks and Benefits in an Interconnected Economy,” kicking off National Cybersecurity Awareness Month. The summit offered insights from key policymakers and experts from government and industry on cybersecurity risks and benefits in an interconnected economy. Speakers included: Kelly R. Welsh, General Counsel of the Department of Commerce; Dean Garfield, President and CEO of the Information Technology Industry Council (ITI); Governor Jack Markell; JC Boggs; and panelists from the White House, industry, etc.
One of the speakers said, only half-jokingly, that there are two kinds of companies and websites – those that have been hacked and those that do not know they have been hacked.
The first panel was Cybersecurity as an Economic and Innovation Issue.
This panel explored various cybersecurity activities and policy levers that can address national security concerns while supporting economic growth and the innovation needed to prevent, detect, and respond to cybersecurity threats, and whether these goals are mutually exclusive or if they could be accomplished in tandem.
The second panel, Industry Efforts to Promote the Framework and Management of Cybersecurity Risks, delved into the implementation of the
NIST Framework and other cybersecurity risk management practices: for example, progress that is being made and identifying gaps, anticipated outcomes and unforeseen results.
Take Aways:
There was wide agreement that staying ahead of the hackers – in particular state supported hackers – is extremely problematic.
The NIST Framework is helpful in several ways. It facilitates the conversation between the players. Raytheon, for example, said it has aided them in discussions with their vendors and subcontractors so that all are meeting the same standards. This is particularly important since Raytheon, as a government contractor handling secret material, is responsible for ensuring the security of that material along the supply chain.
The Governor of Delaware Jack Markell emphasized that Delaware learned the cybersecurity lesson the hard way when social security numbers in the state system were stolen by hackers. It was very time consuming and expensive to correct. However, the focus on cybersecurity in the state has now made it attractive to businesses – very important since the finance sector and insurance are important to the state’s economy.