Saturday, September 28, 2013

America’s Internal War Over Cyber Security

Watching cyberspace developments in the United States is much like watching a serial psychodrama on television: it’s a saga filled with twists, turns, surprises, and unintended consequences.

The nation’s story arc involves two opposing forces on course to collide: the fear of personal privacy invasion and the capabilities necessary for the nation’s cyber security.

The consequences resulting from this struggle will majorly influence the personal safety of Americans over the next several years. Let’s take a look at both of these forces.

Tuesday, September 17, 2013

Paying Forward the Legacy of 9/11

As our nation commemorates the 12th anniversary of the September 11 terror attacks, it is important we honor the legacy of that day in both word and deed.

Over the course of the last week, many eloquent words have been spoken and memorable statements written about the events and memories of that fateful day. But above all, it is most important that the institutions meant to protect us meet their responsibilities by making decisions that safeguard our country from future attacks.

Barring a dramatic shift in the global landscape, the world will be a dangerous place for as far ahead as we can see. In such an environment, one fact is certain: the United States will continue to be the world’s number one target.

Thanks to their largely anonymous nature and disregard for physical borders, cyberattacks provide an increasingly attractive means for extremist groups and ill-intentioned nation states to target the U.S. Without international agreements to restrict their use or set a common framework for cyberwarfare behavior, the proliferation of cyberweapons and cyberattacks is all but assured.

Now matter how well grounded predictions of what may happen in the future might be, these calculations can easily be upended by circumstances and changing global factors beyond our control. Still, we can gather clues from the forces that influence the possible future.

Here are three forces we should be monitoring between now and the next 9/11 anniversary:

  • Increasing severity of cyberattacks against American institutions.
    When the types of attacks start to escalate from child’s play (like posting false Twitter messages or taking down a news website) to attacks that create operational damage, beware. This not only signals that attackers are increasing their sophistication, but also that we might face more serious dangers like extended power outages or communication interruptions.
  • Negative results from the upcoming test of U.S. utilities’ cyber defense capabilities.
    If November’s utility cyberattack resilience tests show serious vulnerabilities in the more than 200 government agencies and utilities that will participate (as was the case when Wall Street banks and exchanges were tested this past July), we have a sign of major trouble ahead.
  • Expanded fear-driven restrictions on the operations of U.S. cyber intelligence agencies.
    No one likes personal intrusions, but mistakes in any complex operation can and will be made. For agencies such as the NSA, it’s better to fix what is wrong and enhance what is working. Dismantling, crippling or unnecessarily restricting cyber intelligence efforts will only aid our enemies and leave us more vulnerable to attack.

And of course stay tuned to this site, where you will find all the late-breaking developments on these and other cybersecurity forces that affect our national security.

Will the U.S. Pay it Forward?

The legacy of the 9/11 attacks cannot and should not be squandered. In these tumultuous times when large portions of the world are becoming increasingly anarchistic, one question we should continually be asking ourselves is, “Can the U.S. maintain the bigger picture and stay out of its own way?”

Let’s hope that the answer to this question is yes. If not, those wishing to do us harm will soon find open doors to facilitate their actions.

("One World Trade Tower and Tribute in Light Memorial" image: Anthony Quintano/Flickr)

Saturday, September 7, 2013

Will 2013 Be the Year Cybersecurity Crashes the Party in the Board Room?

Some call it disinterest, disbelief, ambivalence, another overblown Y2K scare, or simply “IT’s problem.”

But no matter what you call it, there’s no doubt that American industries seriously lack attention for the threats posed from cyberattacks. I saw it at the AIAA aviation convention and am seeing it again at the Association of Emergency Managers: scant attention to the risks of cyberattacks.

But attitudes are changing. I predict 2013 will be recognized as the year that the chickens came home to roost, the year corporate executives recognized that continuing to ignore cyber threats would expose their organizations to growing operational, legal, and customer loss risks.

Why the sudden recognition? Strong pressures came into play during 2013, which acted as a form of shock therapy that forced executives into action.

What were these pressures? Let’s take a look at three: