October is Cyber Security Awareness Month: A Summary of Events Thus Far
October is National Cyber Security Awareness Month, and people across the policy spectrum have been very vocal on the issue.
“As Washington fiddles, the vulnerability of U.S. infrastructure, private and public devices and networks grows. The U.S. has no clear, coordinated and effective policy to mitigate the complex threat. The public has no idea how vulnerable they are, and are left out of the debate.”
|General Keith Alexander|
On October 5th, the U.S. Chamber of Commerce held a Cyber Security Summit in Washington D.C. General Keith Alexander, the National Security Agency Director and Cyber Command Chief, reassured the business community that the government wants to work together with industry – teaming up to discuss the best ways to secure the nation’s networks in a “way that is acceptable, and perhaps more importantly fiscally acceptable, to industry.”
At the same event, Representative Mike Rogers (R-MI), chairman of the House Intelligence Committee, gave a fiery speech directed at the administration’s cyber security approach, while likewise pushing for his own cyber security legislation sitting in the House – the Cyber Intelligence Sharing and Protection Act (CIPSA).
Both speakers faced a tough crowd, considering the Chamber of Commerce has been in opposition to the cyber security legislation in Congress.
|Rep. Mike Rogers|
On October 11th, Defense Secretary Leon Panetta spokein New York City to the Business Executives for National Security, highlighting the ever growing cyber threat facing our nation, stressing the fears of a worst-case scenario, "cyber Pearl Harbor."
“Cyberspace is the new frontier, full of possibilities to advance security and prosperity in the 21st century. And yet, with these possibilities, also come new perils and new dangers…
The greater danger facing us in cyberspace goes beyond crime and it goes beyond harassment. A cyber attack perpetrated by nation states are violent extremists groups could be as destructive as the terrorist attack on 9/11. Such a destructive cyber-terrorist attack could virtually paralyze the nation.”
Secretary Panetta concluded his speech by asking the business community to work together with government partners to find new innovative ways to combat cyber crime and threats, by first increasing the security of their networks.
“Help us remain ahead of the threats that we confront. By doing so, you will help ensure that cyberspace continues to bring prosperity to your companies and to people across the world.”
|Defense Secretary Leon Panetta|
In Congress Senate Majority Harry Reid (D-NV) responded to Secretary Panetta’s speech, stating that he would renew efforts to bring cyber security legislation for a vote when lawmakers return after the elections in November.
"Cyber security is an issue that should be handled by Congress, but with Republicans engaging in Tea Party-motivated obstruction, I believe that President Obama is right to examine all means at his disposal for confronting this urgent national security threat."
In September, bipartisan cyber security legislation failed to move through the Senate after claims made by republicans that the legislation would create regulation on private networks, ultimately burdening businesses.
After failing to pass legislation, President Obama’s administration began circulating a draft executive order to address the issue, which would mandate security at selected critical infrastructure. But this too has been receiving backlash, with lawmakers calling on the President to let them draft the laws to address cyber security needs.
And finally, today in the news there are new reports of cyber attacks on some of our largest Banks – including Capitol One Financial Corp. and BB&T Corp. These attacks have been attributed to Iranian hackers who are escalating their campaign of cyber attacks against US banks after Sec. Panetta’s speech.
Thus far most of the attacks have been disruptive denial-of-service attacks which bombard websites in an attempt to knock them off-line, rather than attempts to steal sensitive information. There have been at least nine different U.S. banks attacked recently, in some cases knocking websites offline and slowing the performance of others.
But the policy debate continues across the board on cyber security, with industry, the administration and lawmakers weighing in. But, as Cyber Security Awareness month continues, solutions are far from agreed upon and threats continue to linger.