Government Technology

    Digital Communities
    Industry Members

  • Click sponsor logos for whitepapers, case studies, and best practices.
  • McAfee

Making Cyber-Security a National Priority



October 5, 2009 By

As the Pentagon continued its development of the F-35 Joint Strike Fighter program -- the costliest weapons project in U.S. history -- news surfaced in April that for more than a year, hackers downloaded several terabytes of sensitive data from contractors' computers.

The breach was a startling realization that even the most secretive projects are vulnerable. Defense Secretary Robert Gates admitted to CBS News that the United States is "under cyber-attack virtually all the time, every day" and that the Pentagon is changing its strategy to combat and use cyber-warfare in the U.S. defense policy. Gates ordered the creation of a new military cyber-command that will defend the Pentagon's networks and conduct cyber-warfare. The Pentagon also will more than quadruple the number of security experts it employs to combat cyber-attacks.

Yet as hackers and botnets -- groups of "zombie" computers that autonomously spam the Internet -- continue to attack organizations worldwide, a prevailing cyber-security question is how to unite the public and private sectors, as well as individual computers, to fight cyber-crime.

Partnering With Citizens

President Barack Obama announced that cyber-security is a national priority and that he'll appoint a cyber-security coordinator. He also stated that the U.S. government would collaborate with the private sector to create a comprehensive national cyber-security policy. But he did not outline citizen involvement, which some security experts say is crucial.

"I think civilian participation in cyber-security is absolutely essential because the systems that are used in attacks and most of the systems that are attacked are owned and operated by civilians," said Susan Brenner, professor of law and technology at the University of Dayton School of Law.

Brenner believes the current system for cyber-space enforcement is outdated and based on modern criminal law that's oriented around territorial domains, which limits law enforcement. Because cyber-attacks occur from anywhere around the world, law enforcement deterrence and prevention has become very difficult.

Brenner said cyber-crime can be prevented by information sharing and coordinating response from the public and private sectors, and especially individual citizens. Since citizens are usually the ones attacked, Brenner said they should be included in cyber-security response by reporting attacks and making their systems more resistant.

Since civilians often don't report attacks to authorities, cyber-security enforcement is losing valuable information about cyber-attacks. If law enforcement and the military create a rapid flow of threat data across the public, private and individual sectors, the nation's cyber-security would be strengthened, Brenner said.

Brenner suggested a "distributed" approach to cyber-crime, where governments would require anyone accessing cyber-space to employ security measures, without infringing on civil liberties. New cyber-crime prevention laws could potentially require citizens and private- and public-sector organizations to implement tools necessary to prevent threats like identity theft, anonymous e-mail relaying and the expansion of botnets.

"People are currently the biggest flaws in cyber-security," said Joseph J. Schwerha, associate professor of business law at California University of Pennsylvania, who co-wrote an article with Brenner on cyber-crime. "Because information has to be available for people to use it, people are frankly the weak link in the chain."

Educating the Population

Education has been the primary cyber-crime prevention strategy, with numerous organizations -- including the U.S. Department of Homeland Security, InfraGard and the United States Computer Emergency Readiness Team -- gathering and relaying information about cyber-threats. Education is essential on the individual level, Schwerha said since cyber-criminals are increasingly targeting and hijacking individuals' computers to conduct cyber-warfare and perform other malicious activities.

The National Cyber Security Alliance (NCSA) is a public-private organization that specializes in cyber-security awareness to build a national understanding about appropriate online tools and behavior.


| More

Comments

Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies
Digital Cities & Counties Survey: Best Practices Quick Reference Guide
This Best Practices Quick Reference Guide is a compilation of examples from the 2013 Digital Cities and Counties Surveys showcasing the innovative ways local governments are using technological tools to respond to the needs of their communities. It is our hope that by calling attention to just a few examples from cities and counties of all sizes, we will encourage further collaboration and spark additional creativity in local government service delivery.
Wireless Reporting Takes Pain (& Wait) out of Voting
In Michigan and Minnesota counties, wireless voting via the AT&T network has brought speed, efficiency and accuracy to elections - another illustration of how mobility and machine-to-machine (M2M) technology help governments to bring superior services and communication to constituents.
Why Would a City Proclaim Their Data “Open by Default?”
The City of Palo Alto, California, a 2013 Center for Digital Government Digital City Survey winner, has officially proclaimed “open” to be the default setting for all city data. Are they courageous or crazy?
View All