debate over cybersecurity

Hayden: Political culture limits government’s ability to protect IT systems

Last year’s hack at the Office of Personnel Management that led to the loss of more than 21 million personnel records was the result of poor cyber hygiene, according to Gen. Michael Hayden, the former director of the National Security Agency and CIA.  And the attack itself was rather impressive.

“The OPM hack was actually a legitimate instance of state espionage,” Hayden said in a keynote address at the recent Gigamon Cybersecurity Summit. “If I could have done this to the Chinese database when I was director of NSA, I would have done it in a heartbeat,” he said. “It was not an illegitimate state activity” on the part of the Chinese, Hayden said. “The only thing illegitimate was our ability to defend ourselves -- or more accurately the government’s ability to defend you.” Hayden added.

The OPM breach, along with other successful hacks on federal systems, has contributed to government workers losing faith in their agency’s ability to protect information systems from cyber intrusions. In a survey of 464 senior-level federal workers, only 8 percent said they were very confident in their agency’s ability to protect information systems.

The U.S. government needs to do a better job of fortifying its systems and securing sensitive data, but that’s not an easy task because we haven’t defined the rules of the Internet, Hayden said.  “We have hardly begun the cybersecurity conversation,” Hayden said. “The Internet is the largest ungoverned space in recorded history, and you and I have decided to put everything we have that’s valuable up there, so what could possibly go wrong?”

The privacy versus security debate also limits the government’s ability to protect its information. “You and I have not yet decided what it is we want -- or what it is we will allow our government to do -- to keep us safe in this domain,” he said.

“All governments have had trouble with cybersecurity, but our government will have particular trouble because of our political culture,” Hayden said. “Our commitment to the Fourth Amendment and our historical distrust of the government is going to keep our government off the field.”

About the Author

Derek Major is a former reporter for GCN.

inside gcn

  • municipal fiber (Solomonkein/Shutterstock.com)

    The risky ROI on municipal broadband

Reader Comments

Thu, Jun 2, 2016

Hayden's statement about "you and I have decided to put everything we have that’s valuable up there" is not 'the whole truth' as it misses the involuntary choices about our data made by organizations. Many organizations collect data without giving their customers a choice (e.g. credit check to get power for your house, government forms that collect personal data, etc.) and have made that decision for their customers.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group