Government Too Slow in Addressing Cyberthreat, says General Michael Hayden

By Lilly Chapa

Cybertechnology stands alongside land, sea, air, and space as the newest domain, but it is also the newest category of weapon, and the government is slow in addressing its dangers, said General Michael Hayden, former head of the National Security Agency and former CIA director, speaking at a Washington, D.C., cybersecurity forum sponsored by Kaspersky Lab earlier this week.

Part of the problem, he noted, is that “You and I have not yet decided what we want our government to do [with cybersecurity] or what we will let our government do to keep us safe.”

Hayden cited as an example of our lack of consensus the failure of Lieberman-Collins (the Cybersecurity Act of 2012) in the last Congress. Much like the President’s February executive order on cybersecurity, that legislation called for a body to establish voluntary cybersecurity practices and to improve information sharing. Though Hayden called it reasonable, it was opposed by both the American Chamber of Commerce and the American Civil Liberties Union—an unnatural occurrence, he said, which led to its defeat (by way of not getting the 60 votes needed to avoid a filibuster) before it could come to a full vote on the Senate floor in the last Congress. “That reveals how much we have not yet decided on how we’re going to go about this,” Hayden said.

Another concern discussed by a different panel at the forum was the lack of communication among companies and between the private sector and the government, which makes it hard to know how many companies are being hacked or how—or to coordinate defenses against those attacks.John Pescatore, director of emerging security trends at SANS; Kaspersky Global Research Director Costin Raiu, and Larry Zelvin, director of the U.S. Department of Homeland Security’s National Cybersecurity and Communications Integration Center, weighed in on that issue.Many companies do not want to admit that they have been the victim of a cyberattack, because it might hurt them financially or damage their reputation, so they may not report an attack for months, if ever, Pescatore said.


View Recent News (by day)


Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.