Wyatt Kash | Elevate cybersecurity
Broadening concerns about cybersecurity are fueling calls to make it a matter of national security, subject to White House authority and oversight.
For now, elevating authority over cybersecurity is a sound idea that must wait for the next administration and a new Congress, but the issue appears to be approaching a tipping point.
Few dispute the escalating scale or seriousness of the vulnerabilities the United States faces in cyberspace.
What remains open to debate are how best to mitigate those risks and respond to attacks ' and who should lead those decisions.
Two things have become clear: Cybersecurity is no longer only a homeland security issue and the Homeland Security Department is no longer the best place to direct the national cybersecurity.
That was evident from testimony ' and the results of a new study to be released in November by the Cybersecurity Commission at the Center for Strategic and International Studies ' presented during House Homeland Security subcommittee hearings this month (GCN.com/1212). Among the commission's conclusions:
- Cybersecurity is now one of the most important national security challenges facing the United States. Yet the nation is not organized ' and the government lacks a comprehensive national strategy ' to deal with these challenges.
- The administration's Comprehensive National Cyber Initiative, launched in January, is a significant step forward. But it remains overly classified and provides little direction or coordination to government agencies.
- Interaction between the federal government and critical infrastructures in the private sector ' particularly in the electrical, communication and financial industries ' remains disjointed and inadequate to meet national security objectives.
- DHS lacks the employees, capability, authority and culture to do the job entrusted to it by the president and Congress.
- Deterrence against national threats also requires effective offensive capabilities in cyberspace for the defense and intelligence communities.
Just last month, at the Army Land- WarNet conference, the Strategic Command's commander for cyberspace, Gen. Kevin Chilton, reiterated the importance of viewing cyberspace as an operating domain, equal in scope to air, sea, land and space ' albeit one that operates at the speed of light ' and it requires a military readiness that goes beyond just protecting our nation's networks.
The lessons of this month's global financial crises were a sobering reminder: Assuring a fully functioning and secure cyber domain is too important to be left in the hands of a single agency, let alone DHS.