While government and private sector officials yearn for robust partnerships that they see as vital to making progress on cybersecurity, both sides need to do a better job at making those kinds of partnerships very effective, new research from MeriTalk shows.
The MeriTalk research – executed in partnership with RSA Conference, underwritten by Cofense, Keeper Security, Recorded Future, Secureworks, and SentinelOne, and capturing the viewpoints of 100 Federal and 100 private-sector security experts – shows that a whopping 93 percent of respondents believe that public-private partnerships are “vital” to national cyber defense.
But at the same time, only about one third of respondents believe that those kinds of partnerships are “very effective” currently. They also rate today’s partnerships with a bland grade of “C-plus” in identifying systemic risk, coordinating incident response, and protecting critical infrastructure.
So what’s wrong with the current state of partnerships? The age-old problem of trust while sharing secrets may have something to do with it.
The research shows that while 92 percent of respondents say they share cybersecurity information within partnerships, 63 percent admit to some reticence in doing so. Of the 200 people surveyed, 43 percent believe that the private sector is more likely to share information than the government.
The two sides also appear to remain far apart on the best ways for government and private sector organizations to cut cyber risk. None of the four alternatives suggested for government-led or private sector-led efforts gathered as much as 30 percent support in the research.
The good news for partnerships is that both government and private sector respondents share similar views on the common problems that they face. Among those closely-linked concerns: 98 percent of respondents are working to minimize supply chain risks, and 95 percent believe that information share will provide critical insights in an interconnected world.
“Improving communication and trust between the public and private sectors is key to reducing cybersecurity risks,” commented Nicole Burdette, principal, MeriTalk. “From MeriTalk’s perspective at the heart of government IT, it’s gratifying to see cyber decision-makers say President Biden’s Cybersecurity Executive Order prompted their organization to review internal processes and rethink the way they collaborate with public and private sector partners.”
For the whole story, please register here for a complimentary look at the new research.