The only way to create a secure online ecosystem is through the collaboration with authorities of private enterprises and the public, said a panel at the RSA Conference 2012 in San Francisco.
The primary motive for authorities is to find and put away the people that pose a threat to communities, as well as the private sector. The general public, as well as a vast majority of enterprises, are not well versed on potential threats, giving miscreants the upper hand.
"We have to disrupt the profit model of the cyber criminal," said Phyllis Schneck, vice president and chief technology officer of the public sector at McAfee. "Imagine what you could do with all the money in the world and no legal boundaries. That's what we're up against."
The National Cyber-Forensics and Training Alliance (NCFTA), a nonprofit that serves as a conduit between private enterprises and authorities, is working closely with the Federal Bureau of Investigation (FBI) and sharing intelligence as well anti-malware strategies.
Although the efforts of the NCFTA have led to hundreds of arrests and nearly $2 billion in savings in the last two years, there is still a lack of communication between organizations like this and the public, as well as private sector.
"There are components that need to be overcome to develop a trust model," said Ronald Plesco, president and chief security executive office at NCFTA. "We're all getting owned. We can either get mad, or proactively do something about it."
While organizations like NCFTA and authorities like the FBI have their way of managing risk, their biggest asset, panelists said, is their least informed – the public.
"It has become crystal clear to me that of the billions of people using the internet, only a small portion actually know how it works," said John Stewart, vice president and chief security officer of the corporate security programs organization at Cisco. "We do well when people volunteer to help. Any one of you can talk to authorities where you live and volunteer to share information. You'd be astonished at the number of times they'll take you up on that offer."
However, it may take the general public quite some time to get their heads around their vulnerabilities on the internet. But, once the basic knowledge is implemented and security becomes an important aspect of their everyday computing, cyber criminals will have to step up their efforts more than they have.
"I'm very hopeful that our efforts will continue this endeavor," said Pete Cordero, assistant section chief of the cyber criminal division at the FBI. "Rather than being reactive, we need to be preventative and proactive."