Journal of Strategic Security - Best Practices for Operating GovernmentIndustry Partnerships in Cyber Security
Since the publication of the first National Strategy to Secure Cyber Space in 2003 the US federal government has realized that due to the interconnected nature of the Internet, securing the system would require an industry-government partnership. However, defining exactly what that new partnership would look like and how it would operate has been unclear. The ramifications of this ambiguous strategy have been noted elsewhere including the 2011 JSS article “A Relationship on the Brink” which described the dysfunctional state of public private partnerships with respect to cyber security. Subsequently, a joint industry-government study of partnership programs has generated a consensus list of “best practices” for operating such programs successfully. Moreover, subsequent use of these principles seems to confirm their ability to enhance the partnership and hopefully helps ameliorate, to some degree, the growing cyber threat. This article provides a brief history of the evolution of public-private partnerships in cyber security, the joint study to assess them and the 12 best practices generated by that analysis.