Gregory Garcia, Assistant Secretary for Cyber Security and Telecommunications, told attendees at the RSA Security Conference that the nation still has a long way to go before being ready to respond to a serious cybersecurity incident.

"Our networks are, by and large, interdependent because our networks are interconnected," Garcia said. "Home users, governments, and private companies all need to be aware of their responsibilities."

The number of reported incidents have surged to 23,000 in 2006 from 5,000 in 2005, according to the latest data from the DHS. Moreover, the number of vulnerabilities disclosed to public sources jumped by more than a third in 2006 over the previous year, although most of the flaw reports could be attributed due to increased scrutiny of Web applications.

The U.S. government has had a spotty record in dealing with cybersecurity. Garcia became the first Assistant Secretary of Cyber Security and Telecommunications in September, more than a year after the post was created by Congress. While federal officials and private participants completed the first international cybersecurity exercise in February, eight federal agencies--including the Department of Homeland Security--failed to get passing grades in an annual security audit.

Threats continue to multiply, Garcia said. The U.S. Computer Emergency Readiness Team (US-CERT) has monitored as many as 3,000 bot net command and control channels believed to be responsible for millions of compromised machines, he said. Target trojan horse, which have attempted to compromise government servers, are on the rise.

"Our networks and systems are vulnerable and exposed," Garcia said. "Our adversaries are motivated and sophisticated."

Reaching out to companies to aid the nation's fight against cybercrime and cyberattacks is not surprising. The private sector owns more than 80 percent of the critical infrastructure in the United States, including the servers and backbones that make up the Internet. While the government continues to develop cybersecurity expertise among key personnel, not enough federal employees have the knowledge necessary to be part of the 'A' squad, Christopher Painter, deputy chief of the Computer Crime and Intellectual Property Section (CCIPS) at the U.S. Department of Justice, said during a panel discussion on Wednesday.

"The bench is not very deep in terms of cyber response," Painter said.

The DHS's immediate plans call for the department to work with the companies to deter attacks, develop better response plans and build awareness in specific industries, such as finance and power.

Its not too late to help out, Garcia said, adding that interested firms should become familiar with the National Infrastructure Protection Plan.

"Companies that have not participated are just in time to jump in with both feet," he told attendees.