The challenge of talking openly about cyber
Defense Secretary Leon Panetta is set to make a major speech on cyber security on Thursday night, but U.S. officials acknowledge that thus far they have fallen short in publicly explaining the nature of cyber threats and the government’s efforts to respond to them. "Protecting ourselves in cyberspace is an important issue we need to ...
Defense Secretary Leon Panetta is set to make a major speech on cyber security on Thursday night, but U.S. officials acknowledge that thus far they have fallen short in publicly explaining the nature of cyber threats and the government's efforts to respond to them.
Defense Secretary Leon Panetta is set to make a major speech on cyber security on Thursday night, but U.S. officials acknowledge that thus far they have fallen short in publicly explaining the nature of cyber threats and the government’s efforts to respond to them.
"Protecting ourselves in cyberspace is an important issue we need to talk about, but it’s exceptionally difficult to be forthcoming and reassuring when so much of our effort is classified or sensitive," a senior White House official told Killer Apps on Oct. 10.
"The truth is that we are actively working with all the tools at the government’s disposal, day in and day out, to protect the American people from some very serious cyber threats. But the last thing we’d want to do is harm our ability to protect ourselves by putting all of our tactics, techniques, and procedures out in the open for our adversaries to see," the official said. "So, we end up speaking in broad strokes about the principles of our policies as a substitute for providing the details."
The result has been a lot of vague public discussion with little public action (and plenty of classified action, we’re told).
Just this past month, there have been numerous Washington forums on cyber security with the intent of ‘framing the debate’ and to ‘better inform the public about the grave risk posed by a ‘cyber Pearl Harbor.’ And experts say that massive amounts of intellectual property — equivalent to trillions of dollars or a Library of Congress worth of data — is being stolen from American firms by hackers in far off lands.
Still, government officials lament that the public — especially banks, airlines, utilities, and Internet service providers — isn’t doing enough to protect its networks from cyber attack. Some of the same government officials also complain about Congress’s failure to establish laws dealing with minimum cyber security standards, information-sharing practices about cyber threats, and a clear picture of who is responsible for defending the country against different types of cyber threats.
The high degree of classification surrounding the government’s work is a big hindrance.
"Because the capabilities are so sophisticated, they’re rapidly evolving, and they are on the edge of where our intelligence capabilities meet our military capabilities, there is a hesitancy to speak openly about what the American government is doing to protect the nation from cyber attack," a Pentagon official told Killer Apps on Oct. 10.
"But, the reality is, we need to do a better job at being more clear about the challenges that we’re facing and to the best of our ability the capabilities we’re bringing to bear to meet those challenges," the official said.
One of the most basic reasons that the government needs to improve its communications about cyber is the fact that "only the best" cyber operators are able to see when they are being attacked and then do something about it, added the official. "It takes a significant level of capability to be aware of an intrusion and an even higher level of capability to be aware of what’s" been stolen.
As the government struggles to establish a cohesive national approach to cyber security, it is becoming better at sharing information.
While "we’ll never be fully open" because of the heavy involvement of intelligence-related activities in cyberspace, the trend is slowly "but steadily [moving] towards being more open," added the official. "We must move that forward."
Panetta’s speech is one attempt to move toward openness, and over the last year Pentagon officials have begun to reveal a trickle of information about the military’s offensive operations in cyberspace — something that was never discussed previously.
And the government, via something called the DIB CS/IA program, has even become better at sharing information about cyber threats collected by intelligence agencies with private companies in a way that doesn’t compromise sources or methods.
John Reed is a national security reporter for Foreign Policy. He comes to FP after editing Military.com’s publication Defense Tech and working as the associate editor of DoDBuzz. Between 2007 and 2010, he covered major trends in military aviation and the defense industry around the world for Defense News and Inside the Air Force. Before moving to Washington in August 2007, Reed worked in corporate sales and business development for a Swedish IT firm, The Meltwater Group in Mountain View CA, and Philadelphia, PA. Prior to that, he worked as a reporter at the Tracy Press and the Scotts Valley Press-Banner newspapers in California. His first story as a professional reporter involved chasing escaped emus around California’s central valley with Mexican cowboys armed with lassos and local police armed with shotguns. Luckily for the giant birds, the cowboys caught them first and the emus were ok. A New England native, Reed graduated from the University of New Hampshire with a dual degree in international affairs and history.
More from Foreign Policy
At Long Last, the Foreign Service Gets the Netflix Treatment
Keri Russell gets Drexel furniture but no Senate confirmation hearing.
How Macron Is Blocking EU Strategy on Russia and China
As a strategic consensus emerges in Europe, France is in the way.
What the Bush-Obama China Memos Reveal
Newly declassified documents contain important lessons for U.S. China policy.
Russia’s Boom Business Goes Bust
Moscow’s arms exports have fallen to levels not seen since the Soviet Union’s collapse.