Government Technology

Making Cyber-Security a National Priority



October 5, 2009 By

As the Pentagon continued its development of the F-35 Joint Strike Fighter program -- the costliest weapons project in U.S. history -- news surfaced in April that for more than a year, hackers downloaded several terabytes of sensitive data from contractors' computers.

The breach was a startling realization that even the most secretive projects are vulnerable. Defense Secretary Robert Gates admitted to CBS News that the United States is "under cyber-attack virtually all the time, every day" and that the Pentagon is changing its strategy to combat and use cyber-warfare in the U.S. defense policy. Gates ordered the creation of a new military cyber-command that will defend the Pentagon's networks and conduct cyber-warfare. The Pentagon also will more than quadruple the number of security experts it employs to combat cyber-attacks.

Yet as hackers and botnets -- groups of "zombie" computers that autonomously spam the Internet -- continue to attack organizations worldwide, a prevailing cyber-security question is how to unite the public and private sectors, as well as individual computers, to fight cyber-crime.

Partnering With Citizens

President Barack Obama announced that cyber-security is a national priority and that he'll appoint a cyber-security coordinator. He also stated that the U.S. government would collaborate with the private sector to create a comprehensive national cyber-security policy. But he did not outline citizen involvement, which some security experts say is crucial.

"I think civilian participation in cyber-security is absolutely essential because the systems that are used in attacks and most of the systems that are attacked are owned and operated by civilians," said Susan Brenner, professor of law and technology at the University of Dayton School of Law.

Brenner believes the current system for cyber-space enforcement is outdated and based on modern criminal law that's oriented around territorial domains, which limits law enforcement. Because cyber-attacks occur from anywhere around the world, law enforcement deterrence and prevention has become very difficult.

Brenner said cyber-crime can be prevented by information sharing and coordinating response from the public and private sectors, and especially individual citizens. Since citizens are usually the ones attacked, Brenner said they should be included in cyber-security response by reporting attacks and making their systems more resistant.

Since civilians often don't report attacks to authorities, cyber-security enforcement is losing valuable information about cyber-attacks. If law enforcement and the military create a rapid flow of threat data across the public, private and individual sectors, the nation's cyber-security would be strengthened, Brenner said.

Brenner suggested a "distributed" approach to cyber-crime, where governments would require anyone accessing cyber-space to employ security measures, without infringing on civil liberties. New cyber-crime prevention laws could potentially require citizens and private- and public-sector organizations to implement tools necessary to prevent threats like identity theft, anonymous e-mail relaying and the expansion of botnets.

"People are currently the biggest flaws in cyber-security," said Joseph J. Schwerha, associate professor of business law at California University of Pennsylvania, who co-wrote an article with Brenner on cyber-crime. "Because information has to be available for people to use it, people are frankly the weak link in the chain."

Educating the Population

Education has been the primary cyber-crime prevention strategy, with numerous organizations -- including the U.S. Department of Homeland Security, InfraGard and the United States Computer Emergency Readiness Team -- gathering and relaying information about cyber-threats. Education is essential on the individual level, Schwerha said since cyber-criminals are increasingly targeting and hijacking individuals' computers to conduct cyber-warfare and perform other malicious activities.

The National Cyber Security Alliance (NCSA) is a public-private organization that specializes in cyber-security awareness to build a national understanding about appropriate online tools and behavior.


| More

Comments

Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies
Fresh Ideas In Online Security for Public Safety Organizations
Lesley Carhart, Senior Information Security Specialist at Motorola Solutions, knows that online and computer security are more challenging than ever. Personal smartphones, removable devices like USB storage drives, and social media have a significant impact on security. In “Fresh Ideas in Online Security for Public Safely Organizations,” Lesley provides recommendations to improve your online security against threats from social networks, removable devices, weak passwords and digital photos.
Meeting Constituents Where They Are With Dynamic, Real-Time Mobile Engagement
Leveraging the proven and open Kofax Mobile Capture Platform, organizations can rapidly integrate powerful mobile engagement solutions across the spectrum of mobile image capture, mobile data capture and complete mobile process integration. Kofax differentiates itself by extending capture to mobility, supporting multiple points of constituent engagement. Kofax solutions dynamically orchestrate the user’s mobile experience from a single platform—reducing time to market, improving process perf
Public Safety 2019
Motorola conducted an industry survey on the latest trends in public safety communications. The results provide an outlook of what technology is in store for your agency in the next five years. Download the results to gain this valuable insight.
View All

Featured Papers