I consider myself somewhat of a political junkie, and as such, I frequently find myself tuning into the Sunday morning Washington insider shows or taking in one of the seemingly endless debates during the election season. While I realize most of it is political hype, bound to change on a weekly basis, I still find it to be fascinating theatre.
Given my involvement in the IT security industry, I have a heightened awareness for discussions on issues in this arena and have often found it odd that none of the candidates or the journalists charged with asking the tough questions have hit on the issue of cybersecurity. In conversations with colleagues, I’ve been encouraged that I am not the only one who feels this way, and I was willing to chalk it up to perhaps a little over-sensitivity given my chosen profession.
However, that line of thinking all changed a short time ago when I tuned into the evening news and heard Robert Mueller, Director of the FBI, make the following proclamation:
“I do not think today [cybersecurity] is necessarily [the] number one threat, but it will be tomorrow…Counterterrorism — stopping terrorist attacks — with the FBI is the present number one priority. But down the road, the cyber threat, which cuts across all [FBI] programs, will be the number one threat to the country.”
Mueller was not alone in his observations either, as he was joined by National Intelligence Director James Clapper, who went on to add:
“The cyberthreat is one of the most challenging ones we face...Among state actors, we’re particularly concerned about entities within China and Russia conducting intrusions into U.S. computer networks and stealing U.S. data. And the growing role that nonstate actors are playing in cyberspace is a great example of the easy access to potentially disruptive and even lethal technology and know-how by such groups.”
Let that sink in for a moment.
The director of the FBI and the National Intelligence Director just stated for the world to hear that in a very short period of time, cyberthreats will be the biggest threat to the US, yet none of the major candidates are talking about it and, to my knowledge, the media hasn’t been asking. Given the process candidates go through in order to secure their party’s nomination, where they are asked for their position on seemingly everything, one would think this issue would be more frequently talked about.
The lack of attention to this issue from the US presidential candidates is actually in stark contrast to the legislative branch of the government. Just recently, Sen. Susan Collins (R-Maine), along with several other high-ranking members of the Senate, introduced bipartisan legislation to secure – in their words – “the cyber systems of the essential services that keep our nation running”.
In her remarks, Collins referenced ongoing warnings that have been issued by senior officials both past and present.
“These warnings are just the latest in a chorus of warnings from current and former officials. Last November, the director of the Defense Advanced Research Projects Agency or DARPA warned that malicious cyber attacks threaten a growing number of the systems we interact with daily – like the power grid, water treatment plants, and key financial systems.”
Yet, we continue to hear nothing from the candidates who would be Commander-in-Chief.
Personally, while I don’t expect the candidate to be an expert on cybersecurity themselves, I would like to know that they have given the issue some thought and they recognize the potential hazards. I’d also like to know how they would address the issue: Do they view it as a law enforcement issue or would it fall under the domain of homeland security? Where would these threats fall in terms of national security priorities?
I recently saw that US officials estimate there are 60,000 new malicious computer programs identified each day. I think that qualifies as a significant threat and one that the voters deserve some answers on before they go into the booths in November. I for one will be on the lookout to see what kind of attention this issue gets paid in the weeks and months ahead, and which candidate has a plan to deal with it.
Peter George, CEO of Fidelis Security Systems, has more than 25 years of global network security experience. Prior to becoming president and CEO of Fidelis in 2008, George spent seven years as president and CEO of Crossbeam Systems, in the high-end segment of the unified threat management market, where he took the company from being a pre-revenue start-up to over $50 million in revenue. Previously, he was president of Nortel Networks Enterprise Business in Europe, Middle-East, and Africa, responsible for managing more than 5,000 employees and $2 billion in revenue. He received his BA from the College of the Holy Cross, and has done graduate studies at Harvard and Oxford University.