For the foreseeable future, cyberspace will be one of the most important battlefields for the United States and its allies. Over my 25-plus years working in IT and security, I’ve seen the role and public perception of cyberspace change dramatically. It’s fascinating to think about the growth that’s occurred and how our relationship with cyberspace has evolved from the early ‘90’s up to today. Regardless of where you sit on the political spectrum, cybersecurity has clearly emerged as an important issue that our government leaders need to address.
With attacks on big-box retailers and Fortune 500 companies dominating the headlines, this time last year many were referring to 2014 as the “year of the breach.” However, what transpired in 2015 only magnified the challenges government faces in this new battlefield. The military today views cyberspace as the fifth operational domain (land, air, sea, and space being the first four), but it differs from the others in that commercial companies are responsible for defending their portion of it. This makes cybersecurity a whole-of-nation challenge.
{mosads}Cybersecurity is a topic that should be talked about on the campaign trail from now until November, and beyond. Regardless of who the next president is, it is an issue the next administration will need to face head-on. Insiders with malicious intent, the increasing sophistication of advanced malware from criminal entities, and the capabilities of nation-state cyber actors are all cause for concern. As innovative technologies and devices continue to emerge, connecting people, companies and government in new ways, the threat landscape and scope for potential vulnerabilities is also growing, making it tougher to secure sensitive networks and data.
Several federal agencies last year, from the IRS to the Pentagon, experienced security breaches. The most high-profile of which was targeted against the Office of Personnel Management (OPM), which suffered two breaches that ultimately compromised the information of 22 million federal employees. These incidents, along with high-profile breaches like Anthem and Ashley Madison, led to more conversation around cybersecurity and the benefits of information sharing between government and private sector. At the end of last year, cybersecurity information sharing legislation was added to the end-of-year spending bill passed by Congress and signed by the president.
The fact that we’re seeing regular, in-depth media coverage and ongoing discussions in Washington around cybersecurity proves this issue is more than a trend, it’s a sign that cybersecurity has become a national priority.
The good news is increased discussion is generally the first step toward more positive action. The cybersecurity threats government and industry face today are complex, continuously evolving to evade defense mechanisms and penetrate sensitive networks. Government and industry cannot afford to take a reactionary approach when it comes to cybersecurity. Modern cybersecurity initiatives need both proactive and conventional defensive capabilities to be successful.
In addition to protecting federal agency and military networks, the security of U.S. critical infrastructure and key resources should be another chief concern. Former leader of the NSA and U.S. Cyber Command General Keith Alexander has said on several occasions that our energy infrastructure is a prime target for cyber attackers. This isn’t something that has created catastrophic damage in the U.S. yet, but there is a precedent for this type of activity when a Ukrainian power grid was shut down from a multi-staged attack in December.
This is an important issue to consider as election season really ramps up. As citizens, we want to hear candidates’ strategies for dealing with the economy, healthcare and foreign policy challenges, but we should similarly be asking questions about their cybersecurity strategies. In fact, one can argue cybersecurity should be discussed as part of those issues since it plays a vital role in each.
Looking ahead, there are important questions that the new administration will need to answer: Are we doing enough to support federal chief information security officers (CISO) and CIOs? Do agencies have the resources to invest in the security solutions and analytics tools needed to combat modern threats? Do we have processes and procedures in place to effectively and efficiently allow the sharing of critical cyber indicators between government and industry?
Make no mistake, there will be more data breaches and cyber-attacks in 2016, 2017 and beyond. But how can we better identify, manage and eliminate threats while improving the protection of our most sensitive information? Modern threats are evolving so it’s critical that government policies and technology deployments reflect that change.
Our next administration needs to understand the importance of cybersecurity investments over the next few years, as those decisions will either lead us toward a government with a strong security backbone or a situation that has us feeling like every year is “the year of the data breach.”
Song has been with Splunk since 2014 and currently serves as senior vice president of Security Markets.