Cyber Security Inadequate to Counter Emerging Threats, Report Finds
A new report by the Intelligence and National Security Alliance (INSA) recommends that the United States update its cyber intelligence capabilities to more effectively counter emerging threats. The INSA recommends a proactive approach to dealing with cyber security threats, rather than the current, reactive approach, of responding to threats after they occur.
In a report titled, “Cyber Intelligence: Setting the Landscape for an Emerging Discipline,” the INSA notes that threats to cyber security have grown more serious because of ever increasing reliance on the Internet.
The report draws an analogy between the interstate highway system and the “information superhighway.”
Get Our Latest News for FREE
“Imagine if businesses in the United States could not use the interstate system to reliably transport goods,” the report says. “The Internet has assumed an analogous stature in its role in financial transactions and the exchange of information. Protecting this 'super-highway' is a global imperative for the public, private, and academic sectors.”
Many people and businesses rely upon the Internet today as a daily resource for telecommunications. In addition, “diplomatic, military and intelligence organizations” rely heavily upon the Internet, the report notes.
The report says that estimating the costs of cyber attacks is difficult and, therefore, vary widely. One study estimated the losses to average $400 billion annually, another estimated $13 billion in losses in 2003.
The report cites several areas of vulnerability in the nation's cyber security. One in particular, outsourcing of information technology to other nations, is viewed as problematic by the report. By outsourcing to other nations, “potential adversaries can easily insert themselves” into the nation's information networks.
The report does not name any nations in particular, but there have been concerns recently about cyber attacks originating from China and Russia.
National and international laws have not kept pace with advances in technology, according to the report, which makes dealing with cyber attacks more difficult. There is not even an agreed upon definition of what is actually a cyber attack.
The government's approach to countering cyber threats have been both costly and reactive, the report states. “Attempting to secure our systems under current cyber practices is a costly, ineffective, and never-ending struggle. We must avoid an offensive-defensive cyber 'arms race' which consumes extensive resources, yet fails to produce an enduring or definitive outcome.”
The United States should develop strategies that go beyond the current “patch and pray” approach, the report suggests.
Since most of the Internet's infrastructure is owned by the private sector, while most of the nation's cyber intelligence capabilities are with the Department of Homeland Security and the Department of Defense, the report also recommends a “more meaningful partnership” between the public and private sectors.
INSA is a non-profit, non-partisan organization with member in government, the private sector and academia.
