Does the Federal Government Need a Cybersecurity Bailout?

In our never ending news cycle, it’s hard to remember what happened 10 minutes ago — let alone a week. But we should focus on an important milestone from just over a month ago: on August 25th, the leaders of some of the biggest technology companies and private institutions met with the President of the United States to discuss cybersecurity.

This meeting comes hot on the heels of massive ransomware attacks on our national infrastructure and the continuing trend of escalating breaches. The President told the leaders, “I’ve invited you all here today because you have the power, the capacity and the responsibility, I believe, to raise the bar on cybersecurity.” In response, companies like Amazon, Apple, Google, and Microsoft have pledged billions of dollars to raising Cybersecurity awareness and training.

Is that enough?

While not unheard of, a government calling on its private citizens to help solve a problem doesn’t exactly inspire confidence in the government itself. Cybersecurity and preventing attacks such as ransomware is not a one-man job. It does require teamwork and information sharing.

However, when trying to solve a problem deemed a “national security” issue, the leaders of that nation should be the ones tasked with finding solutions.

The United States government should be leading this effort, not asking for private sector companies to figure it out. Where is the dedication on the federal side to match or exceed the asks of corporations? What specific actions will new task forces take to combat critical infrastructure attacks? Where are the public sector job openings for 50,000 new security engineers and threat analysts to help defend national interests?

While it’s great to unite competitors in a space for an altruistic goal of cyber defense, companies in the business of making money will naturally default to their prior models once the incentive to play nice is gone, making this a temporary stop-gap instead of a long-term strategy.

Cybersecurity is too important to leave alone. We’ve seen firsthand what one bad email click or keystroke can do. It can leave millions without power or gasoline. It can ruin trust. It’s a problem that is bigger than money and pledges alone can solve. It requires steadfast leadership. It requires incentive to continue to advance and adapt. Frankly, it requires a country dedicated to standing up for its people and ensuring that their way of life won’t fall apart based on an outdated server, or an “ANY/ANY” rule.

The United States serves as the Leader of the Free World. I feel our Government should — and can — take a stronger approach to this problem instead of sitting on the sidelines and tasking for-profit enterprises to take care of it for them.

Kevin Wilson is a Sr. Product Manager at Area 1 Security. Throughout his 15 year in Cyber Security, Kevin has been an Analyst and Engineer in various organizations such as the U.S Navy, First Data, and Lowe’s. Previously he served as the Global Information Security Officer at Guess? Inc as well as a Product Manager for McAfee.

How to replace your email gateway with Cloudflare Area 1

Leaders and practitioners responsible for email security are faced with a few truths every day. It’s likely true that their email is cloud-delivered and comes with some built-in protection that does an OK job of stopping spam and commodity malware.

Introducing email link isolation – Email gateway replacement playbook

This week was a big one for us at Cloudflare, one of our four innovation weeks which we hold annually, showcasing new developments, product news and reference architectures.

Superhero strategies for the Phish Fight

Today is National Superhero Day, and we would like to dedicate this day to you—the SOC teams and the security experts on the frontline of the phish fight.