Domestically, he sees more room for cooperation between the government and the business community, observing that both sectors are coming under the same types of attacks from common adversaries, and could each benefit by sharing information about emerging threats.
But beyond information sharing -- an area where there is broad agreement that both the public and private sectors could do a better job -- Connolly knocks both government and industry for failing to develop a strong, broadly adopted cybersecurity framework.
"The multiplicity of standards, the lack of uniformity of standards both within the federal government and, frankly, in the private sector is of great concern," he says.
Though he cautions that a disastrous attack -- the sort takes down major swaths of critical infrastructure -- could prompt lawmakers to take action on cybersecurity legislation, Connolly acknowledges that movement on the issue on Capitol Hill has been slow.
"What's really interesting in Congress is, candidly, we really haven't done much," he says.
Sign up for CIO Asia eNewsletters.