Kirstjen Nielsen: The US  needs private sector help to combat cyber threats 

A few keystrokes, thousands of miles away. Suddenly, the lights are out, communications systems are down and it's unclear what happened or who is responsible.

This is the new world of digital destruction. Cyberattacks against our critical infrastructure — the energy grid, emergency services, telecommunications, the financial services sector and more — have the potential for catastrophic effects disrupting our very way of life.

We are facing an urgent, evolving crisis in cyberspace. Our adversaries' capabilities online are outpacing our stove-piped defenses. In fact, I believe that cyber threats collectively now exceed the danger of physical attacks against us.

In short, our digital lives are at risk. And we need bold action to fight back.

This threat continues to grow for a number of reasons.

First, our increasing digital interdependence means that your risk is now my risk and my risk is now your risk. A vulnerability that is exploited in one system can result in unpredictable, cascading and widespread consequences — jumping from a tech company one minute to a healthcare provider the next.

Just look to last year, when in a matter of days WannaCry ransomware spread to more than 150 countries, bringing hospitals, car manufacturers and transportation companies to a halt.

Second, our cyber rivals are getting more sophisticated.

Years ago, a cyber intrusion might look like a sloppy home break in. The window would be broken, furniture upended and jewelry missing from your bedroom. You knew you'd been hit.

But cybercriminals and nation-states are getting savvier. Now, the door appears to be locked and your house is just as you left it. But in reality, the intruder has already been inside for hours and is waiting for the right moment to strike, undetected.

It is getting harder to detect threat actors as they try to exploit every possible weakness to steal from and manipulate Americans and disrupt and even destroy our critical functions.

Third, we aren't "connecting the dots" quickly enough.

Between government and the private sector, we have the data needed to disrupt, prevent and mitigate cyberattacks. But we aren't sharing fast enough or collaborating deeply enough to keep cyberattacks from spreading or to prevent them in the first place.

So what is the Department of Homeland Security doing about it?

We are rethinking homeland security — changing our posture, setting course to confront systemic risk and embracing a new "collective defense" strategy.

Each of us is on the frontlines of the digital battlefield, so we must work together to protect ourselves. Any of us could be the weak link that not only allows adversaries to infect our systems but allows them to spread further into others.

The Department of Homeland Security cannot (and should not) protect every system, every network and every smartphone.

Instead, in an era when our digital enemies are crowd-sourcing attacks, we must crowd-source our response.

That means bringing government agencies, industries and other partners together to break down silos — much as we did after 9/11 in our counterterrorism efforts — so that we not only share threat data in real-time but take immediate, collective action.

Nowhere is this more important than in our efforts to protect our nation's critical functions. We need to understand our risks — how they can affect our operational environments — and face them — together.

For many years, DHS has worked closely with the private sector, but it has become clear that we lack a single focal point for turning threat intelligence into joint action.

That is why last week we launched the National Risk Management Center, an initiative driven by industry needs and focused on fostering a better way to bring government and the private sector together to defend our nation's critical infrastructure.

Housed within DHS, the Center will allow analysts and network defenders to sit side-by-side to assess our country's cyber risks, plan to combat them and — most importantly — implement tailored solutions to protect our networks.

We will bring to bear the full expertise of the federal government. The Center will provide the private sector with a one-stop-shop to access programs from all departments and agencies and coordinate defenses against cyber threats that can affect all sectors.