Experts stress public-private collaboration is key to protecting infrastructure

London Conference on Cyberspace hears how government and private firms should work together to protect critical national infrastructure

Experts at the London Conference on Cyberspace today argued that collaboration between the public and private sectors is essential to the protection of critical national infrastructure, as much of it is controlled by private organisations.

Matthew Kirk, group external affairs director at Vodafone, explained that the task still lies at least in part with government.

"Although this protection of infrastructure is one of the core responsibilities of government, most of the networks aren't run by government. They're often run by private sector companies," said Kirk.

"So clearly, the relationship between government and the private sector is fundamental."

He argued that a model to enable a trust-based exchange of information between organisations is needed in order to combat the large growth in attacks on networks.

"There's a huge increase in these attacks at the moment. The target can be the network provider, the customer – which could be a company or the government – or the infrastructure itself," he said.

"We need to build trust-based systems allowing exchange of information about threats."

However, he stated that this exchange is potentially hampered by the sensitivity of this information.

"This exchange would involve disclosing information about your vulnerabilities to competitors and customers. For government this could be some of the most sensitive and secret information it holds," added Kirk.

He concluded that collaboration is needed not just nationally, but internationally.

"The networks that underpin this national infrastructure are increasingly international. You can't look at cyber security in a national context any more," he said.

"The databases, domain names and address registries are globally distributed. That creates resilience in the system, but also means that this national approach can't survive. The threat itself is highly international and highly mobile."

Kirk added that initiatives between some European countries are underway to build an understanding in the area of securing this critical infrastructure.

"There are initiatives between UK, Netherlands and Italy to help build a community of trust," he said.

Erik Akerboom, Dutch national co-ordinator for counter terrorism and security, referenced the recent DigiNotar breach as an example of an attack on the Dutch critical national infrastructure.

"In late August 2011, it became known that [Dutch certificate authority] DigiNotar had been hacked. It was a body that issued digital certificates for government organisations and many law firms in the Netherlands," he explained.

"The reliability of certificates came under serious threat. Government revoked trust in DigiNotar and took over the operation. Every certificate needed to be replaced quickly, and controlled migration was essential."

Akerboom described the collaboration that was essential to reducing the impact of the breach, and eventually found it to be the work of an Iranian hacker.

"At the specific request of the Dutch government, Microsoft delayed a software rollout for one week [enabling potentially fake certificates to be revoked]," he said.

"Collaboration between public and private bodies minimised the impact of the breach."

He added that no system connected to the internet can ever be fully secure, but steps can be taken to mitigate the inherent risks.

"This was a serious wake-up call for the Netherlands. Watertight security is impossible to achieve on the open system that is the internet. We just need to ensure we have an adequate response prepared when breaches happen," he said.

"We also need to have the expertise to be able to understand our own IT systems. For example, it took some time to work out which certificates were in use."

Echoing Kirk's earlier sentiments, he concluded that international co-operation is also required.

"As a single country, you can't achieve much – the internet [and its infrastructure] is global," said Akerboom.

Harry van Dorenmalen, chairman of IBM Europe and member of the Dutch National Security Council, added that continued investment in technology is also required to fight the threats to infrastructure.

"Never compromise on innovation or technology. If you don't invest, you lose the ability to defend yourself in the future," he said.