It is hard not to notice the increase in activity and public information about cyber threats that has been in the media lately.
That concern was borne out by testimony during a Feb. 2 hearing in which the chairman of the House Intelligence Committee, Republican Mike Rogers of Michigan, warned of the severe consequences of a cyber attack on the United States.
Rogers used the hearing to solicit the views of James R. Clapper, Director of National Intelligence, David Petraeus, Director of the Central Intelligence Agency, Lt. Gen. Ronald L. Burgess, Director of the Defense Intelligence Agency, and Robert S. Mueller, Director of the FBI.
“Given classified briefings that we’ve had, discussions with all of you (the top intelligence officials) and your counterparts … that a cyber attack is on its way,” Rogers expressed concern that “We will suffer a catastrophic cyber attack.”
It is rare for a government official to reference information in classified briefings but this was one time that it caught allot of attention.
Those are pretty strong words, arguably the strongest warning about the threat of cyber attack that we have ever heard from Capitol Hill.
Rogers and the committee’s top Democrat, Rep. Dutch Ruppersberger of Maryland, commented that now is the time for Congress to act and pass cyber security legislation.
To put this in perspective, a recent study by Bloomberg Government and the Ponemon Institute concluded that “critical infrastructure companies would need to spend nine times more on cyber security in order to prevent a surprise digital assault,” according to a Feb. 2 InfoSecurity report.
Given the current economic environment it is doubtful that critical infrastructure providers are likely to increase their cyber security spending by 900%. Even if legislation is passed mandating improved cyber defenses, it will take some time, years not months, for these measures to be designed implemented, tested and put into operations.
It does not sound like we have that much time.
Kevin G. Coleman is a long-time security technology executive and former Chief Strategist at Netscape. He is Senior Fellow with the Technolytics Institute, where he provides consulting services on strategic technology and security issues. He writes weekly for Breaking Gov on the topic of cyber intelligence.