Time for another clear and unambiguous warning on the growing cyber threat, this one in testimony to Congress by the leader of the U.S. Intelligence Community:
Security of Information systems: Allow me to turn now to a transnational threat that is, at present, difficult to measure — the threat of attack against our information systems and information-based infrastructures. Hackers, criminal groups, and foreign intelligence services consider these systems lucrative targets, as evidenced by the growing number of intrusions into corporate and financial information systems. … I am concerned that the threat to our information systems will grow in coming years as the enabling technologies to attack these systems proliferate and more countries and groups develop new strategies that incorporate such attacks.
Our efforts to identify and characterize the threat are continuing. I am encouraged by our progress over the past year. We are developing cooperative efforts within the community, and establishing valuable links with other agencies outside the Community and outside government. We have a lot more to do, however. We must identify sufficient resources to work on this problem and work through many of the legal and regulatory obstacles to collecting needed intelligence.
You can read the full testimony on the CIA.gov website. You will need to go to the archives page. That warning was delivered in February 1996 by Director of Central Intelligence John M. Deutch. While there you can find similar warnings delivered every year up to today. You can add to those the warnings of every Director of National Intelligence, which you can read on their site since 2005.
With that as context I would like to underscore that threat warnings are good, and having every leader of the U.S. intelligence community help underscore the seriousness of this threat is important. But like in every other warning the intelligence community gives, decision-makers can fail to act.
Could I be considered a troll for bringing up this old history with such a click-bate title? Maybe. But you have to admit, there is a huge point to be made here. We should all do what we can to be aware of the threat. But awareness is not enough. We have to do something about it. And by “we” I don’t just mean policy makers. Policy is important, but leaders must act at all levels. In government, in industry, in academia, in non-profits and at home.
Do you agree?
More on things cyber:
- New DoD Rules For Contractors Focus On Enhancing Security and Incident Response
- Please Spread The Word: Cybersecurity Scholarships From (ISC)² and the Center for Cyber Safety and Education
- Definitive Guide to Threat Intelligence
- CTOvision Named To Top 10 Tech Blogs Every CTO Should Follow
Latest posts by Bob Gourley
- Carahsoft and GitLab Partner To Help Feds Deliver Code To Production Quickly and Securely - April 24, 2019
- Cybersecurity for AI Solutions Webinar 9 May 2019 - April 21, 2019
- OODA Produces A Traveling Executive’s Guide to Cybersecurity - April 19, 2019