Paying Down the Cybersecurity Debt: A Shared Responsibility

By: David A. Hoffman: Associate General Counsel, Director of Security Policy and Global Privacy Officer

youngaspen (2)On July 23rd, Intel Security’s Senior Vice President Chris Young spoke on a panel at the Aspen Security Forum. The panel was titled “Cyber Policy at National and International Levels”. John Markoff of the New York Times moderated the session. Chris was joined on the panel by US Department of Homeland Security Under Secretary Suzanne Spaulding, and former US National Security Agency Director and head of the US Cyber Command, General Keith Alexander.

The panel’s discussion focused on how government and industry can raise the level of cybersecurity in an environment where we see increasing frequency and sophistication of attacks. Chris pointed out that while both governments and industry have talked about the growing cybersecurity risks for more than a decade, the gap between necessary investment and the resources actually deployed continues to widen. This gap has created a global “cyber debt” that we must now start to pay down, as one consequence of our increasingly connected society is that governments, companies and individuals are at risk from the security failures that are becoming all too common.

Chris noted that eliminating the “cyber debt” will not be done immediately, but will take many years of focused effort and collaboration between all stakeholders. There is an immediate need to create a larger and more easily deployable group of cyber professionals to mitigate, remediate and recover from attacks when they happen. Chris called for the creation of a “Cyber Corps” that trains young people with the right skills to help protect communities. Another idea mentioned on the panel was the need for a “Cyber National Guard” that could be called into action by states when needed to help protect local communities.

Paying down the debt will take cooperation between governments and the private sector. An idea presented by Under Secretary Spaulding was to have government focus on training young cyber professionals with the idea that they may then move to the private sector, and then later in their careers possibly move back to public service. This model for workforce development could be followed by all governments worldwide, would provide substantial debt reduction to the protecting of our global digital infrastructure, and would assist in efforts to increase international cooperation. Chris and Under Secretary Spaulding shook hands on stage to symbolize this need for public and private cooperation. Intel would like to see similar handshakes globally.

Another area where Chris described the need for paying down the cyber debt is the need to increase enforcement against malicious actors. Industry has the ability to focus on the actions of cyber threats, but only governments can move against the actors. Governments need to invest further in going after criminals and terrorists who misuse our global digital infrastructure. Also, given that the infrastructure is global, we need substantial more debt payment in furthering Mutual Legal Assistance Treaty requests. The private sector operates global supply chains, IT infrastructures and sales efforts. We need governments to operate a global enforcement network to go after the criminals and terrorists where they live.

Government and Industry have run up a large “cyber debt”, which has created substantial risk for the impact that technology can bring to improve the lives of everyone on earth. We all have a shared responsibility now to pay down that debt. Let’s get started today!

Comments are closed.