Report: U.S. Cyber Space Remains Unsecure

Monday, February 21, 2011 @ 03:02 PM gHale

The nation’s cyber security effort remains lacking, according to the Center for Strategic and International Studies. This comes two years after declaring cyber space is a critical national asset.

The assessment comes in a follow-up to “Securing Cyberspace for the 44th Presidency,” the 2008 report created by CSIS for the incoming president that called for a government-led approach to cyber security.

“Our 2008 report concluded that cyber security is now one of the major national security problems facing the United States and that only a comprehensive national strategy consistent with U.S. values would improve the situation,” CSIS said.

The follow-up, “Cybersecurity Two Years Later,” includes recommendations for key challenges that remain to be met.

“We thought then that securing cyber space had become a critical challenge for national security, which our nation was not prepared to meet,” the new assessment said. “In our view, we are still not prepared.”

The administration said in its May 2009 Cyberspace Policy Review the status quo in cyber security no longer was acceptable and the “White House must lead the way forward.” The review set out a 10-step, near-term action plan that included creation of the position of a White House cyber security coordinator, a position that has been filled by Howard Schmidt.

But implementation of recommendations remains mixed because other priorities take priority and because of concerns about government regulation. “Cyber security unavoidably takes second place to more immediate concerns, such as the wars or the economy,” the new report said.

Cyber security issues will not go away. “2010 should have been the year of cybersecurity,” the report said. Looking back at last year, it started with the breach on Google; saw the spread of the Stuxnet worm in industrial control systems, and ended with denial-of-service attacks over WikiLeaks.

These events “show how the United States is reliant on, but cannot secure, the networks of digital devices that make up cyberspace,” CSIS’ report said.

But current approaches to cyber security rely on voluntary cooperation between the public and private sectors without a central point of control and authority, and underestimate the challenges of sharing information between the private sector and government, CSIS concluded. However, communication between government and industry remains weak at best.

CSIS identified 10 key areas of cyber security where progress needs to occur:

• Coherent organization and leadership for federal efforts for cyber security and recognition of cyber security as a national priority.

• Clear authority to mandate better cyber security in critical infrastructure and develop new ways to work with the private sector.

• A foreign policy is needed using all tools of U.S. power to create norms, new approaches to governance and consequences for malicious actions in cyberspace.

• An expanded ability to use intelligence and military capabilities for defense against advanced foreign threats.

• Strengthened oversight for privacy and civil liberties, with clear rules and processes adapted to digital technologies.

• Improve authentication of identity for critical infrastructure.

• Build an expanded workforce with adequate cyber security skills.

• Change federal acquisition policy to drive the market toward more secure products and services.

• A revised policy and legal framework to guide government cyber security actions.

• Research and development (R&D) focused on the hard problems of cyber security and a process to identify these problems and allocate funding in a coordinated manner.

One Response to “Report: U.S. Cyber Space Remains Unsecure”

  1. […] This post was mentioned on Twitter by John T Curran, Joel Langill. Joel Langill said: Report: U.S. Cyber Space Remains Unsecure – […]

Leave a Reply

You must be logged in to post a comment.