In his 2015 State of the Union address, President Obama made two interesting, juxtaposing references to the Internet:
“I intend to protect a free and open Internet, to extend its reach to every classroom, and every community, and help folks build the fastest networks, so that the next generation of digital innovators and entrepreneurs have the platform to keep reshaping our world.”
“No foreign nation, no hacker, should be able to shut down our networks, steal our trade secrets, or invade the privacy of American families, especially our kids.”
In his search for bipartisan issues, both comments were applause-getters. Still, there is considerable debate within the U.S. about a free and open Internet under the headline, Net Neutrality. The second comment might as well have been “Love your mother.”
Legislatively, there is little that the federal government can do to improve the cybersecurity of individuals and companies. The law-making process is too slow and tends to be reactive, such as after-the-fact breach notification laws. Criminal interests are too elusive, ranging from nation states (North Korea, China and others) to the stateless (Al Qaeda, ISIL and so many others), from criminal cartels to cause-related groups to some bored kid in his bedroom.
It’s interesting that data security and privacy, or lack thereof, is one of very few issues that has personally touched nearly all Americans. If you didn’t receive a breach notification last year from a bank, retailer, healthcare provider or credit card company, you are in a very select group of individuals. By contrast, even as we exit the longest war in our history, a majority of Americans were only tangentially impacted; they went about their daily routines unfettered, even as our armed forces 7,500 miles away did their duty.
We are adapting our methods of warfare to new enemies on the ground; our technology is second to none. It’s fair to say that our cyber technology is among the world’s best, too, although China may believe otherwise. Our technological prowess notwithstanding, cyber warfare is baffling. One person can wreak havoc among major business, financial, government and services entities over the Internet and typically we won’t know it until after the fact.
No amount of legislation can turn this around. However, what the government can do is to help educate our students to be that “next generation of digital innovators and entrepreneurs.” What the government can do is support law enforcements’ efforts to locate, stop and prosecute offenders with a heavy hand. What the government can do is keep open international channels of communication, diplomacy, and cooperation to fight cyberterrorism and crime on a global scale, which is its arena.
There is no lasting solution, only a continuing mission to advance and apply technological know-how, to anticipate and plan, to outthink, outsmart and outdo those who would do us harm. Just know that they at work doing the same to us. If there is a defensive front line in cyberspace, it’s established through private-industry innovation (a new defense industry), through personal awareness and responsibility, and through the efforts of industries, companies, organizations, individuals … and governments to defend ourselves with everything we’ve got.
For more information on data security and privacy, download these Peak 10 resources: