Time for another clear and unambiguous warning on the growing cyber threat, this one in testimony to Congress by the leader of the U.S. Intelligence Community:
Security of Information systems: Allow me to turn now to a transnational threat that is, at present, difficult to measure — the threat of attack against our information systems and information-based infrastructures. Hackers, criminal groups, and foreign intelligence services consider these systems lucrative targets, as evidenced by the growing number of intrusions into corporate and financial information systems. … I am concerned that the threat to our information systems will grow in coming years as the enabling technologies to attack these systems proliferate and more countries and groups develop new strategies that incorporate such attacks.
Our efforts to identify and characterize the threat are continuing. I am encouraged by our progress over the past year. We are developing cooperative efforts within the community, and establishing valuable links with other agencies outside the Community and outside government. We have a lot more to do, however. We must identify sufficient resources to work on this problem and work through many of the legal and regulatory obstacles to collecting needed intelligence.
You can read the full testimony on the CIA.gov website. You will need to go to the archives page. That warning was delivered in February 1996 by Director of Central Intelligence John M. Deutch. While there you can find similar warnings delivered every year up to today. You can add to those the warnings of every Director of National Intelligence, which you can read on their site since 2005.
With that as context I would like to underscore that threat warnings are good, and having every leader of the U.S. intelligence community help underscore the seriousness of this threat is important. But like in every other warning the intelligence community gives, decision-makers can fail to act.
Could I be considered a troll for bringing up this old history with such a click-bate title? Maybe. But you have to admit, there is a huge point to be made here. We should all do what we can to be aware of the threat. But awareness is not enough. We have to do something about it. And by “we” I don’t just mean policy makers. Policy is important, but leaders must act at all levels. In government, in industry, in academia, in non-profits and at home.
There were many other warnings through the years. See George Tenet’s 1998 warning at: An Assessment on the Cyber Threat
What do you think about this? Seems like we have had plenty of warnings, but have failed to act. So one thing is for sure, the current situation we find ourselves in is not an intelligence failure.
More on things cyber:
- New DoD Rules For Contractors Focus On Enhancing Security and Incident Response
- Definitive Guide to Threat Intelligence
- CTOvision Named To Top 10 Tech Blogs Every CTO Should Follow
- An OODAcast Conversation with Dr. David Bray of the Atlantic Council Geotech Center (Part One) - April 3, 2020
- OODAcast– A Conversation with Dan Gerstein - April 1, 2020
- Update on The End Coronavirus Project and Need for Volunteers - March 28, 2020