The Jainists of India have a parable. It is the story about the blind men feeling the elephant – each one feels something different. Watching the Federal government roll out a cyber “strategy” over the past couple of week has felt just that way. The cyber-elephant is a vast and ever-expanding body, and Washington is mucking around this way because of two basic problems. In its simplistic form, the first challenge is definitional and the second challenge is doctrinal.
National security leaders like Leon Panetta, Janet Napolitano and even President Obama have been telling members of Congress and the country that unless immediate action is taken, the United States will suffer cyber attacks guaranteed to shut down our power, communication, financial and water infrastructure sectors. Well, I’m not buying it. The politics of fear is a D.C. classic.
The New York Times recently admitted it had been raided by Chinese “privateers,” stealing reporter’s notes and sources. With this act by the Chinese, we now face clearly the idea that a nation-state can try to enforce its will on an individual private actor inside the United States. Moreover, they have done so to an actor that is not a part of the national security or industrial base. This act must be responded to swiftly and aggressively. And Washington seems not yet prepared to deal with it.
Yogi Berra once observed after two of his teammates smacked back to back homers, “it was déjà vu all over again.” His wisdom applies to cyberspace in 2013 – it is going to be déjà vu all over again. Here are four likely Cyber Challenges we will encounter this year. None of these challenges are “fatal.” They are simply the challenges at hand.
There are few spots left around the world without Internet access, and few people who cannot reach out to access it. It has been relatively free of state interference and American dominated. However, the Net has had mounting problems, and 2012 has marked the end of the old Internet as we knew it. The days of an American-controlled freewheeling Internet with unlimited access and relatively cost-free access are over.
By Doug Doan
So far, none of the presidential candidates have mentioned much about Homeland Security. With so many other problems, issues surrounding how best to organize, manage and lead the vast DHS bureaucracy are just not that important. Too bad. I would have liked to see the candidates talk about what they might do. Here is an agenda that I happily provide.
Senate Majority Leader Harry Reid and his congressional colleagues’ proposed Cyber Security Act of 2012 is the wrong solution for America’s cybersecurity problem. The split is not between Democrats and Republicans; it is between competing views of the way to better security. The main reason these efforts are wrong is that they are based on a regulatory model. This sort of solution is a 19th-century answer for a 21st-century problem.
Many companies are examining the possibility of switching to Bring Your Own Device (BYOD) as a method of significantly reducing their IT infrastructure capital costs. Here is but another example of how short-term versus strategic thinking is creating havoc in American business. The dangers associated with BYOD far outweigh the short-term benefits. Convenience and a perception of cost reductions appear to again be trumping sound security practices.
The White House’s 2009 Cyber Review estimated the loss of intellectual property from companies as a result of cyber-based hacking in 2008 alone exceeded $1 trillion in value. FBI Director Mueller said in 2009 that his Bureau was aware of 3200 Chinese front companies operating in the United States. Kudos to House Intelligence Committee Chairman Mike Rogers for telling the American public about the significant efforts of countries like China to utilize every means available to spy on American companies – something the National Economic Security Grid has designated as the “Advanced Persistent Asymmetrical Threat.”
After twenty years of rapid growth, we now stand with an unregulated and uncontrolled Internet vulnerable to attack and disruption from anywhere and by anyone on the planet. We have minced around the edges of doing something about this essential part of our daily lives for years. The time has come to declare reality. It is a public utility. It affects all Americans lives. It needs to be regulated by the government.