Is government ignoring the threat of cyberterrorism?
- By William Jackson
- Nov 12, 2003
The government has not been taking the threat of cyberterrorism seriously enough, according to the author of a new book on the subject.
Dan Verton, author of Black Ice: The Invisible Threat of Cyberterrorism
, said the private sector has forestalled regulating privately owned critical infrastructure components despite government recognition of their importance to national security.
'If we are going to call them national security concerns, we should start treating them like national security concerns,' he said during a speech at the Cato Institute in Washington.
Verton criticized the IT security community for what he called appeasement, accepting unacceptable levels of risk and focusing on past threats rather than future dangers.
'This is going to be one of the primary battlefields of the future,' he said. 'We need to have a discussion of cybervulnerabilities today, before the next failure occurs.'
George Smith, a senior fellow with Globalsecurity.org of Alexandria, Va., and co-editor of vmyths.com
, which combats what it calls computer hysteria, was less critical of the state of IT security.
'We haven't seen any direct physical attacks that fit the prognostications of the doomsayers,' Smith said.
He said reports of cyberthreats too often are accepted without critical evaluation and that there is a high level of 'flake factor' in cyberterrorism discussions.
The background of the two men was reflected in their approach to cybersecurity. Verton'a former Marine with a crewcut, suit and tie'presented the threat in military terms of victory or defeat. Smith'bearded with an open collar and generally rumpled'cautioned against mistaking hype for facts.
But both agreed that the reactive nature of security today is inadequate for keeping pace with the quickly evolving nature of threats to the IT infrastructure.
William Jackson is a Maryland-based freelance writer.