Why the government's cybersecurity plan will end in catastrophe

By Rob Enderle, CIO |  Security, cybersecurity

Last week Defense Secretary Leon E. Panetta presented his case for an invasive system to monitor the nation's private systems in order to better identify and respond to cyber threats.

Panetta correctly points out that the likelihood of a 9/11 scale cyber attack is real-and if something isn't done, large sections of the U.S. infrastructure could fail. He uses as an example the successful attack on ARAMCO, a Saudi Arabian state owned oil company, which wiped 30,000 computers, causing massive data loss and rendering them temporarily useless.

News: Future Cyber Attacks Could Rival 9-11, Cripple US, Warns PanettaGet the latest IT news and analysis from Constantine von Hoffman's IT Security Hack blog

The proposed remedy is to provide the U.S. government with broad access to private systems so that malware can be quickly identified and removed and other national threats identified and stopped. The problem is that such access creates privacy issues and may itself be a bigger problem than the threat it attempts to eliminate. Not only is the requested change unlikely to happen any time soon, it may increase the potential for either a domestic or foreign cyber attack.

Central Network Eliminates Natural Protection

One hidden benefit in the fact that our systems often don't share information well or have a common security structure is that attacks against infrastructure therefore have to be tightly targeted. This means an attack on one private or public system probably won't even work on most others, since they run a variety of different security packages, operating systems and applications, all surrounded by different policies.

One of the reasons we haven't yet had a repeat of 9/11-that is, an attack that reaches catastrophic levels-is because these systems just don't interoperate very well or share information at a low level. The amount of work to carry out such an attack currently exceeds the resources of the attackers.

Originally published on CIO |  Click here to read the original story.
Join us:






SecurityWhite Papers & Webcasts

See more White Papers | Webcasts

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Ask a Question