Politicization of Cybersecurity
|Follow GovInfoSecurity.com on Twitter|
The real shock from Cyber ShockWave could be the politicalization of cybersecurity, until now a bipartisan endeavor in Washington.
The Bipartisan Policy Center - founded by former Democratic and Republican Senate leaders - held Wednesday Cyber ShockWave, which simulated a cyber attack on the a single day in July 2011 that disrupts smart phone service to 20 million customers, shuts down an electronic energy trading platform and cripples the power grid along the Eastern seaboard. In the simulation, former high-ranking government officials such as ex-Homeland Security Secretary Michael Chertoff and former National Intelligence Director John Negroponte played high-ranking government officials assembled to address the attack. The simulation's results weren't surprising, as were the calls afterward for government, business and citizens to work together to prevent such a virtual assault with real-life consequences.
The players included members of former Democratic and Republican administrations, a truly bipartisan team. Bipartisanship has been the signature of IT and cybersecurity politics for decades, but that could end as Washington tries to figure out how best to get the operators of the nation's mostly privately owned critical IT infrastructure to take the necessary steps to safeguard these critical digital assets.
On one side, are those who feel the threat is so great that the government must tell the private sector how to protect these critical information systems through regulations because some businesses will place profit before safety. At the other end, are those who feel the government has no business telling the private sector how to run their business; besides, they say, who better than the businesses know the threats and how to guard against them. They contend the government should offer incentives, not rules, to get businesses to comply.
Of course, there is a middle ground, some regulation, some incentives. That's a position taken by the highest ranking cybersecurity official in the Department of Homeland Security, Deputy Undersecretary Philip Reitinger, who in a recent interview with GovInfoSecurity.com addressed this point, with an optimistic spin:
"We are working avidly with the private sector, having discussions within government to make sure we have the right policy framework, which could be a mixture of different things, to make sure we can best close that gap between what the market may provide and what we actually need. ... We have got a set of regulations and incentives already, the question is making sure that that policy framework, including some regulation, some incentive and a lot of market activity, will work together to drive the level of security we need."
Short of a real cyber catastrophe, the temperament in Washington - especially in Congress - as seen in a number of initiatives, doesn't involve give and take. Compromise is a word missing from the political lexicon.
Updating the nation's laws to improve cyber safeguards already is proving to be an uphill battle, but one that has avoided partisan bickering. Introduce the potential of regulation, and cybersecurity could join healthcare, global warming and the budget as just another Capitol squabble.