McCaskill slams 'turf wars' over cyber
- By Mark Rockwell
- May 10, 2017
Sen. Claire McCaskill (D-Mo.) complained about "turf wars" in U.S. cybersecurity policy and enforcement.
The federal government needs to define its strategies and authorities to defend against a growing wave of electronic threats from criminal and nation-state organizations, said lawmakers and private industry officials in a Senate panel on the current cyberthreat landscape.
"It is worse than spaghetti," said Senate Homeland Security and Governmental Affairs Committee Ranking Member Sen. Claire McCaskill, (D-Mo.), describing the various groups in the U.S. military and at DHS responsible for U.S. cyber security and defense.
"It is so confusing, so disparate there's no wonder we're having these turf wars," she said at a May 10 committee hearing.
"We have got to figure out how to break through the bureaucratic rules, our pay scales and how do we engage the private sector, so we literally do have the best and brightest" working on the issue, said committee Chairman Ron Johnson (R-Wis.).
Johnson promised more hearings to sort out that tangle and generate solutions, with the help of more nimble commercial companies and private organizations
Steven Chabinsky, global chair of data, privacy and cyber security at international law firm White & Case, hopes to see a new approach.
Chabinsky, a former deputy assistant director of the FBI's Cyber Division, called for 10 percent of the defense budget to be devoted to developing higher level cyber protections by the U.S. government, as well as a "180 degree" shift in how the government addresses threats.
Rather than focus on hygiene at the user level, the federal government should push higher-level protection functions by the government. The recommendations were included in the White House Cybersecurity Commission Report issued in December 2016.
"The problem is getting worse and we are losing," Chabinsky said. "We are following a failed strategy that can and must be changed."
Additional solutions could also be more innovative approaches by the military and the federal government, according to Johnson and McCaskill.
The Missouri National Guard, said McCaskill, has a unique program called Response Operation Collection Kit Network Security Monitoring to provide a readily available tool to combat cyber attacks.
That program, according to Missouri National Guard Captain Kevin Keene, was developed to protect critical infrastructure by allowing more controlled interaction with cyberthreat adversaries. The kit is now used by over 40 different government entities and commercial companies, said Keene, who works in cybersecurity at the agribusiness firm Monsanto.
"Rules of engagement are needed," said Sen. Steve Daines (R.-Mont.). Cyber attacks that destroy corporate digital assets, he said, are akin to destruction of physical assets and call for some kind of consequence. The current approach is "building a bigger and better fence" to keep cyberattackers out, he said. Consequences for getting caught breaching that fence, he added, are not well defined.
Mark Rockwell is a senior staff writer at FCW, whose beat focuses on acquisition, the Department of Homeland Security and the Department of Energy.
Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, tele.com magazine and Wireless Week.
Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.
Click here for previous articles by Rockwell.
Contact him at [email protected] or follow him on Twitter at @MRockwell4.