On July 26, President Barack Obama signed the United States Cyber Incident Coordination policy directive to help outline a response plan when our country is targeted through cyber attacks. The new policy was signed without much fanfare, thanks to the Democratic nomination of Hillary Clinton and the rest of the Democratic National Convention. Ironically, they had their own brush with cyber security that garnered significant attention, after hackers released several of their internal emails.
This topic demands more attention than it’s received. President Obama has repeatedly underscored the importance of cybersecurity in his most recent version of the National Security Strategy. Likewise, the Department of Defense (DOD) is also on board with the importance of cyber to its mission. The most current version of the Defense Strategic Guidance emphasizes the threat of cyber espionage and its potential use not just by nation states but by non-state actors as well.
Now if you think that before July 26 we had clear lines in the government regarding cyber security, you would be wrong. It is seemingly inconceivable that even after eight years of a Republican heading the executive branch and nearly the same amount of time under the leadership of a Democrat that this policy would not come to fruition until last week.
While a step in the right direction, there are still several weaknesses in the latest policy. Information technology and our overreliance on cyber capabilities could be our Achilles heel.
The upside to the policy is that the president sees that protection of private sector equities is almost as important as the protection of government-run networks. Likewise, the executive branch understands the vulnerability of public and private sector organizations to malfunction, malicious activities and other cyber activities and embraces the need for a concerted governmental effort when dealing with cyber incidents. Accordingly, this directive fixes responsibility with the FBI to serve as the lead federal agency for threat response activities, with Homeland Security for asset response, and finally the Office of the Director of National Intelligence for intelligence breaches and related issues.
What is the downside? This document is apparently reactionary in nature. It looks to react after an incident has already occurred rather than to pursue proactive measures to stop those bent on using cyber attacks in the first place. We need a more concerted approach by intelligence agencies, government cyber experts, and private industry to really work together in order to block cyber intruders from ever gaining access to our nation’s most valuable and sensitive information. Cleaning up after a major incident might not be enough to ensure the integrity of our nation’s security.
What is needed? It is apparent that the private sector, with its reliance on networks (the nation’s electrical power grid, hospitals, and more), as well as many non-defense & intelligence related government agencies are vulnerable to attacks. Though the Defense Department has been hacked in the past (albeit only the unclassified network to my knowledge), the Defense Systems Information Agency (DISA) under DOD has been pretty effective at protecting the networks of this department and that of the president and vice president (with which DISA is also charged).
Perhaps now is the time for Congress to consider implementing a similar capability to protect all government networks and to study measures to better guard against nefarious intrusions in the private sector as well. Cyber incident response is not enough; we must become more proactive as a nation to protect against attacks from the outset.
John Weaver is assistant professor and program coordinator of intelligence analysis at York College of Pennsylvania.
The views expressed by authors are their own and not the views of The Hill.