Six Priorities for Cyber War: “US must be prepared not only to defend itself on the Internet but also to fight back”
Deputy Secretary of Defense Ashton Carter outlined six ways the DOD is taking action today, as well as legislation he believes can help the government act quickly against hackers at home and abroad.
“Cyber will overtake terrorism as the persistent gnawing … kind of threat and danger,” said Carter at the RSA Conference in San Francisco today. “The market, both economic and political, undervalues security at the moment. Doesn’t see it. Doesn’t fully get it. This is wrong, this is a mistake.”
The DOD is charged with protecting the United States not only with ships, airplanes, and tanks but also with cyber weapons. Former National Security Agency director Mike McConnell pointed out that if terrorists find their way into our banks, the ensuing economic havoc could result in greater devastation than that of 9/11. He said the US must be prepared not only to defend itself on the Internet but also to fight back. Six core DOD missions speak to this responsibility:
Developing and preparing to use weapons of cyber warfare
Preparing the U.S. for what the battlefield may look like
Listening for and analyzing defense intelligence over the Internet
Defending both classified and unclassified networks
Creating technology using the DOD’s and the NSA’s “weight and resources” and distributing them to Homeland Security, law enforcement agencies, and partners
Protecting these tools and infrastructure with the military.
The DOD is spending half a trillion dollars to run these projects, according to Carter. He says he has never heard of anyone wanting to cut the budget back. Indeed, he would like to increase the spending if he can find worthy areas to develop. However, despite governmental support, he wants the technology sector to help push the agenda further. The legislation Carter is pushing for would allow the government to act more freely with the public sector to develop tools. He explained it would enable the government to share threat information with the private sector and would enable public companies to report intrusions “without liability or trust concerns.” It would also allow members of the private sector to share threat information with each other “without liability or trust concerns.” And, if passed, it would force companies to report intrusions to the government.
Carter is aware that legislation and bullet points are small steps but asks that the security industry understand that “trying to get our act together as a country … is not an easy thing to do.”
“Of course, we were involved in birthing the Internet itself,” said Carter, “We have a history here, and we’re going to continue it.”
VB News – Meghan Kelly