The first panel of AFCEA’s Annual Homeland Security Conference had Cyber Security as a subject. That alone says something for the predominance and importance of this issue today. The discussion was a fine starting point for the event. Overall, it was a superb panel that covered a wide swath, and did it well.
The Senate Commerce, Science and Transportation Committee held a long awaited hearing on Cyber Security. Chairman John Rockefeller began with the thought that a major cyber attack could shut down our nation’s most critical infrastructure. He called for legislation to “modernize the relationship between the government and the private sector on cyber security.” A stellar group of witnesses appeared, all who added to the growing discussion on cyber security.
Well, the week of 15 – 19 Feb 2010 was a fascinating one if you follow cybersecurity events. The bellwether stories are numerous, and reaction to them has been varied. Even if you don’t join in the debates of the blogosphere, it sure is fun to “watch.” On the serious side, these issues are all critical ones, and the number of experts (real ones, not the self-proclaimed variety) who hold widely varying positions shows the challenge of this field.
The Bipartisan Policy Center, which has ported over the 9/11 Commission co-chairs, Lee Hamilton and Tom Keane, is coordinating the major cyber exercise this week. The U.S. Government has conducted closed versions of cyber war games several times before, and the results are held very closely. At other times, cyber attacks have been injected into broader exercise scenarios but almost always are abandoned because it “ruins” the wider training value. That means cyber brings the entire show to a halt because we really do not know how to deal with it.
The Center for a New American Security (CNAS) has published a superb document – Contested Commons: The Future of American Power in a Multipolar World (January 2010). It covers comprehensively all the various domains and is a weighty tome. My interest in it is the fifth chapter, “American Security in the Cyber Commons,” which if it stood alone would be one of the best documents on the issues in the cyber realm I have seen.
IBM has a new cybersecurity white paper. The paper’s executive summary, which I co-authored and is posted below, is titled Meeting the Cybersecurity Challenge: Empowering Stakeholders and Ensuring Coordination. The issues, challenges and possible paths to greater national cybersecurity named in the summary are important concepts. Through a comprehensive, wide-spread cybersecurity effort, all individuals, businesses, organizations, agencies and corporations can play a part in achieving greater national security.
Much recent talk and writing has focused on the continued need for “real” public-private sector cooperation in the cyber realm. Everyone quotes the famous statistics that 70 percent (or 80 percent, even 90 percent) of our critical infrastructure is owned or controlled by the private sector, and all of that is highly dependent on cyber means to do business. How can the government protect this private infrastructure it if it does not own it?
Today, we tend to conflate cyber crime with cyber espionage and cyber warfare. We call all of them attacks, and this confuses an issue that is already complicated and hard to understand. Cyber crime is basically a commercial endeavor, designed to make money. The others are intended to gain advantage or cause mischief. So, what are some cyber crime examples?
Recently, an official of the National Security Agency stated that the shortage of highly talented information security professionals had not yet hurt our security, but that it sure made the job more of a challenge. The operative word here is “yet.” Thank God for those professionals manning the terminals across all of our diverse infrastructure sectors. They are holding off the growing tide of cyber threats, and they need help.
Sponsored by:
