Restoring trust, international response eyed to boost cybersecurity

sphere of binary data

To hear some insiders tell it, the state of U.S. security is in shambles: badly damaged by former National Security Agency contractor Edward Snowden's leaks, constantly under siege by digital adversaries, and rudderless without cybersecurity legislation in place. But hope that the mess can be cleaned up persists, according to speakers at an Oct. 3 summit in Washington.

"Cyber threats are the largest national security threat that we have, and we are not prepared to handle it," said Rep. Mike Rogers (R-Mich.), chairman of the House Intelligence Committee. "This is an incredibly dangerous time for us."

Cyber vulnerabilities have only been exacerbated by Snowden's leaks, which included details about NSA spying programs and, Rogers acknowledged, decimated public trust in the intelligence community.

Rogers said he and Rep. Dutch Ruppersburger (D-Md.), ranking member on the Intelligence panel, are working on a package to be released in mid-October designed to restore that lost trust. The package will include declassified information on intelligence activities, which Rogers hopes will build public confidence by improving transparency and demonstrating the checks and balances in place, he said.

"I think it makes good strides with protecting our sources and methods ... but making it more open so that people can see the sheer level of oversight that these programs enjoy," he said.

But one thing that is not moving forward in Congress is cybersecurity legislation, an issue that Gen. Michael Hayden, former director of the NSA and CIA, blamed squarely on Snowden.

"One of the long-term ill effects of Snowden is that it was tough enough to get [legislation] through when the waters were calm, and now [Congress] is trying to do it in whitewater rapids," Hayden said. "It's not going to happen – we have lost a whole congressional cycle in getting our government more forward-leaning."

Nonetheless, there are promising long-term possibilities that could improve cybersecurity. Craig Mundie, senior adviser to the CEO at Microsoft, suggested that an international partnership targeting cybersecurity, and modeled after an existing worldwide health alliance, could improve security stances and help tamp down global tensions related to cyber theft and espionage.

"The ability for infectious disease to spread is not something you can easily confine by the actions of single country, so we've created things like the World Health Organization in order to be able to at least take a bunch of countries who want to be able to play together and try to prevent or deal with an outbreak, and to do something about it," Mundie said. "At the end of the day we're going to have to have something like the WHO for the network. We use the same terms – viruses, bugs – and there are many similarities."

"It's not going to prevent destructive malware attacks on [critical infrastructure],” he continued, “but many of the things people worry about are going to require some combination of governance and ability to have a coordinated response. That doesn’t exist anywhere today, and we're not going to get it from the U.N., the EU or conventional mechanisms."

During the panel, Hayden also denied that the NSA carries out assassinations but did defend "targeted killing" as well as cyber theft American style.

"I ran NSA; we steal stuff. We make no apologies about it," Hayden said. "But we steal things to keep our citizens free and keep our citizens safe. We do not steal things to make our citizens rich, and that is a fundamental distinction between what our services do...and what the Chinese services do."

About the Author

Amber Corrin is a former staff writer for FCW and Defense Systems.

FCW in Print

In the latest issue: Looking back on three decades of big stories in federal IT.


  • Shutterstock image: looking for code.

    How DOD embraced bug bounties -- and how your agency can, too

    Hack the Pentagon proved to Defense Department officials that outside hackers can be assets, not adversaries.

  • Shutterstock image: cyber defense.

    Why PPD-41 is evolutionary, not revolutionary

    Government cybersecurity officials say the presidential policy directive codifies cyber incident response protocols but doesn't radically change what's been in practice in recent years.

  • Anne Rung -- Commerce Department Photo

    Exit interview with Anne Rung

    The government's departing top acquisition official said she leaves behind a solid foundation on which to build more effective and efficient federal IT.

  • Charles Phalen

    Administration appoints first head of NBIB

    The National Background Investigations Bureau announced the appointment of its first director as the agency prepares to take over processing government background checks.

  • Sen. James Lankford (R-Okla.)

    Senator: Rigid hiring process pushes millennials from federal work

    Sen. James Lankford (R-Okla.) said agencies are missing out on younger workers because of the government's rigidity, particularly its protracted hiring process.

  • FCW @ 30 GPS

    FCW @ 30

    Since 1987, FCW has covered it all -- the major contracts, the disruptive technologies, the picayune scandals and the many, many people who make federal IT function. Here's a look back at six of the most significant stories.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group