Cyberattacks have breached the Pentagon and sent businesses into bankruptcy. Still, it might take a cyberdisaster that causes damage on the scale of Hurricane Katrina in 2005 to get lawmakers to pass legislation aimed at shoring up the U.S.’s infrastructure.
The White House has proposed an executive order to address part of the problem, but Gen. Keith Alexander, the director of the National Security Agency and commander of U.S. Cyber Command, says that is not enough.
The Pentagon has a pilot program that will help private companies work with the government to help them protect their own information.
But that program “doesn’t give us the ability to work with the Internet service providers and allow that to benefit the rest of the critical infrastructure and the rest of government,” Alexander said during an Oct. 1 panel discussion at the Woodrow Wilson Center in Washington. “That’s really what we need this legislation for.”
An executive order also would fail to address liability protections to shield companies from lawsuits over information-sharing that are needed to encourage participation, says Susan Collins (Maine), the ranking Republican on the Senate Homeland Security Committee and a co-sponsor of cybersecurity legislation.
“I think the executive order is a mistake,” Collins says. “I fear that it actually could lull people into a false sense of security that we’ve taken care of cybersecurity.”
This article first appeared in Aerospace Daily & Defense Report.
– Jen DiMascio
{ 22 comments… read them below or add one }
Just look at that man's face. A remorseless psychopath if I've ever seen one. Probably insane.
You obviously don't know anything about GEN Alexander. He is one of the most intelligent, astute people I met in 22 years of Active Duty. He's smart, inquisitive and knows how to get things done. Right now he's doing the work of at least two general officers in running Cyber Command and NSA. He is also the first Military Intelligence officer to reach 4 stars. And no, I don't work for him…
Guy is from army with postings in Military Intel.
Edit: At least he knows what an IP address is, haw haw.
Let's not forget that the Israelis own a company that handles all the billing for phone companies in the US. They have access to all phone records. How was this ever allowed to happen?
So what. The U.S. is owned by China.
Look chicken little, China owns a little less than 7% of the total us national debt…… the sky isn't falling
This posted story here is a little too superficial; there's no real meat to it. There are various issues surrounding the upcoming Executive Order, some non-political (privacy concerns if information sharing between government and private business is mandatory or even voluntary but incentivized), others blatantly political (two separate bills in Congress were killed, and various legislators – including Senator Collins, who's named in the above post – have been complaining about exclusion in the discussion process. Whether that's justified given their knowledge, or political given their party affiliations is up to you to decide). But the point is that there's much backkground and context to the story that's worthy of mention and discussion, but it's simply not included above.
The issues are:Mandatory enforcement, or voluntary standards. Since everyone's now talking about an Executive Order rather than actual laws, this current proposal will obviously be a voluntary standard. But the question for the future remains: Should the elements in the Order get made into law?
Privacy: Should private sector information be readily shared between the private sector, law enforcement, the federal government, and potentially the DHS and Pentagon? If yes, should it be mandatory or voluntary?
Will security standards be honestly onerous to private businesses? Or will it actually result in savings, given that damage will be reduced from the increased national vigilance?
There are more – if you're into political infighting, there's the fact that a bipartisan bill was killed off, and as Senator Collins noted elsewhere, the White House has not invited the bills authors into their discussion. And separately, Republicans killed off a White House sponsored bill, which appears to have annoyed the White House. Frankly, that stuff's about as appealing to me as Pro Wrestling (which is to say "Not"), but some might enjoy it.
Which bills were killed?
I'd be interested to pop into Thomas.loc.gov and have a look myself
(Note to me: Click on "Reply", not "Report"… *blush*…)
According to thehill.com, one bill was called the "Cyber Intelligence Sharing and Protection Act (CISPA)". Despite passing in the House, that bill apparently went nowhere in the Senate when the White House threatened to veto it. According to a CNN blog, the other was called "The Cybersecurity Act of 2012"; that was the bipartisan one I mentioned above (although the Thomas.loc.gov site only lists the Democrat author – Lieberman – in conjunction with it), and it also failed in the Senate, but due to a Republican push, not a White House veto threat (the WH apparently endorsed that one).
I do wonder how to tell from that site whether a bill is dead or not. The news sites are reporting both of the above as done, but that site merely discusses its last landing point, and not whether it's passed or not. I admit to confusion.
As long as it doesn't affect porn it should be alright
"Cyberattacks have breached the Pentagon and sent businesses into bankruptcy."
Which businesses?
F-35 business.
yep its comparable to the number of businesses that have to close down because the owner's cat goes missing.
There have been a couple of instances of small- to mid-size companies that went bankrupt after having their bank accounts fraudulently drained. Even if you work with law enforcement and the bank to try and recover the funds, the delay can easily cause cash flow and credit issues that sink the company anyway.
Privacy is a privilege, unless you get stuck in “The Centers” in Ocala, FL. I believe private information belongs in the hands of our Military, considering THEY ultimately allow Americans to sleep without 1eye open, I Thank God each day I wake up safe & alive, I couldn’t imagine having the huge responsibility of coordinating all the branches of our Defense, if not done With utmost privacy, we could be at risk of events like 911, so if our country needs info any shape or form, Thank God they care enough to be in places most of us could never imagine, our military sleeps w one eye open so us Americans never have to.
"Privacy is a privilege"? Have you ever read the Fourth Amendment to the US Constitution; while you are at it, why not read the entire Constitution – you will then be a lot more enlightened then so many Americans.
well its about time they look at cyber threats a little more now. im glad to see that they are taking action now
it would be a smart move to self produce critical parts of the systems needed to be cybersecure, instead of importing it from a country you can't exactly count as an ally from the USA. it also would be a smart move to hire people who actually understand what they are doing, so you won't end up with a system that monitors just americans and not the people that really are the problem. wanna bet how it will end up?
Read The Shadow Factory by James Bamford. The intelligence community has already been invaded. Too late.
A preliminary check of the summaries about The Shadow Factory indicate they are about the NSA being used for domestic surveillance.
Cyberwar makes about as much sense as declaring war on shoplifting and creating a Strategic Shoplifting Command. It is halfwitted.
These sort of bogus organisations tend to attract the stupid and clueless and nothing scares them more then the idea that someone is going to call them on the whole thing and they will be an unemployed laughing stock.
It used to be if you went around claiming the Chinese are going to destroy cities using thier computers they would lock you up as a raving lunatic not give you a billion dollars to waste.