Outlook 2013

Cybersecurity: Rejoining the battle on Capitol Hill


2012 was an eventful year in the world of cybersecurity, to say the least. High-profile cyberattacks, multiple failed attempts to pass legislation, and the continuing buildup of the U.S. Cyber Command and military cyber capabilities are just a few of 2012’s most important cyber-related events.

Experts and insiders almost unanimously pointed to a handful of prominent attacks around the world as defining moments in the year’s cyber landscape. The Shamoon virus unleashed on Saudi Arabia’s state oil company destroyed 30,000 computers, an unprecedented occurrence in cyber warfare. Before that, the release of New York Times reporter David Sanger’s book “Confront and Conceal: Obama's Secret Wars and Surprising Use of American Power” unveiled the United States’ involvement in the development and release of Stuxnet — itself a crucial affair with reverberations far beyond the confines of cyberspace.

Outlook 2013

Read the other stories in our Outlook 2013 feature package. Click here.

“With the publication of this book, you essentially had a play-by-play of how this went from idea to effect,” said Richard Bejtlich, chief security officer at Mandiant. “It revealed how having a piece of code [could] not just disrupt a computer or steal information but actually have a physical effect to destroy machinery and while doing so have a major international relations event. Now that we know, more or less, that the U.S. and its ally Israel were involved in creating Stuxnet, other countries have a tool they can use when discussing cybersecurity relations with the U.S.”

Meanwhile, the cybersecurity discussion continued to churn. On Capitol Hill, ongoing battles over the best way to legislate cybersecurity resulted in gridlock. An executive order came to be seen as the best short-term solution, but nobody believed it was a good substitute for comprehensive legislation, and the battle in Congress is certain to resume in 2013.

“I think we’ll see some legislation coming out of Congress this year,” said Charles Croom, vice president of cybersecurity solutions at Lockheed Martin and former director of the Defense Information Systems Agency. “It’ll probably take the executive order and put some of that into law, and take parts of existing proposed legislation and put that into law as well. Things everyone seems to agree on — research and development, education, information sharing, critical infrastructure protection — those will be topics at hand that will at least get into proposed legislation. The hard part will continue to be how much to regulate versus incentivize.”

At the Defense Department, the services are continuing to build cyber capabilities. The ranks and capabilities of the fledgling Cyber Command are filling out, and its leaders are determining the evolving requirements for the Pentagon’s newest domain: cyberspace.

In 2013, training will likely be a top priority as a new generation of military personnel sharpens much-needed cyber skills, and cybersecurity will be an area of budgetary exception, unlikely to face the ax as much as other DOD programs.

“The demand signal has increased and will continue to increase,” said Lt. Gen. Michael Basla, the Air Force’s CIO. “Why is that? Because the threat is out there. It’s not just a Department of Defense thing. It’s a national imperative that we must protect our country against the cyber threats. We have to address how to respond to that demand signal.”

Cybersecurity should not be subject to budget cuts and, indeed, could be one of a few growth areas in the age of scarce funding, Basla said. “Cyber is integrated across all our capabilities and everything we do as a nation,” he said. “We need to be prepared for that.”

About the Author

Amber Corrin is a former staff writer for FCW and Defense Systems.

FCW in Print

In the latest issue: Looking back on three decades of big stories in federal IT.


  • Shutterstock image: looking for code.

    How DOD embraced bug bounties -- and how your agency can, too

    Hack the Pentagon proved to Defense Department officials that outside hackers can be assets, not adversaries.

  • Shutterstock image: cyber defense.

    Why PPD-41 is evolutionary, not revolutionary

    Government cybersecurity officials say the presidential policy directive codifies cyber incident response protocols but doesn't radically change what's been in practice in recent years.

  • Anne Rung -- Commerce Department Photo

    Exit interview with Anne Rung

    The government's departing top acquisition official said she leaves behind a solid foundation on which to build more effective and efficient federal IT.

  • Charles Phalen

    Administration appoints first head of NBIB

    The National Background Investigations Bureau announced the appointment of its first director as the agency prepares to take over processing government background checks.

  • Sen. James Lankford (R-Okla.)

    Senator: Rigid hiring process pushes millennials from federal work

    Sen. James Lankford (R-Okla.) said agencies are missing out on younger workers because of the government's rigidity, particularly its protracted hiring process.

  • FCW @ 30 GPS

    FCW @ 30

    Since 1987, FCW has covered it all -- the major contracts, the disruptive technologies, the picayune scandals and the many, many people who make federal IT function. Here's a look back at six of the most significant stories.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group