U.S. Secretary of Homeland Security Janet Napolitano said Friday she believes a "cyber 9/11" could happen "imminently." A coordinated terrorist cyberattack could effectively shut down the country, she says, and more needs to be done to prepare.
"We shouldn't wait until there is a 9/11 in the cyber world," Napolitano told Reuters news service, referring to the massive terrorist attacks against the U.S. on September 11, 2001. "There are things we can and should be doing right now that, if not prevent, would mitigate the extent of damage."
The Real Risk
Chris Petersen, chief technology officer of LogRhythm, a log management and SIEM 2.0 provider, said in reaction to Napolitano's comments that it's unfortunate President Obama needs to consider signing an executive order on cyber security.
"Ideally, Congress would recognize and act on the threat we face as a nation when it comes to defending ourselves against cyber war and cyber terrorism. These threats are real and will only increase in the years to come -- drastically and swiftly," Petersen said. "If signing an executive order does nothing other than help move cyber security spending up the stack of 2013 IT budgets, it will be a win for us all."
As Petersen sees it, there are real and valid concerns when it comes to cyber security legislation, a main concern being additional compliance burdens on U.S. companies. While concerns are understandable, he said, the reality is that without a measuring stick, companies won't know if they have gone far enough in protecting themselves. Without enforcement, some companies will just kick the can down the road and hope for the best.
"We appreciate that there are valid concerns and criticisms that will be disclosed through discussion. However, there is real risk in delaying action as we wait years for all opinions and concerns to be aired," Petersen said. "We need immediate action with continued refinement in years to come. For example, this refinement could be an industry taking a self-regulating approach similar to NERC-CIP in the energy sector or PCI in retail."
A Troubling Concept
Amrit Williams, CTO of Lancope, said, given the events of 9/11 it would seem logical that under a massive sustained attack on our critical infrastructure and our digital assets -- both public and private -- it would be warranted for the administration to do whatever would be required to regain control and eliminate the threat. Of course, he admitted, that's easier said than done. (continued...)
Posted: 2013-02-09 @ 5:14am PT
Most of the legislation I'm hearing about has very little to do with security and has everything to do with control. Invoking 9/11 and waving the flag does not impress me at all.
Posted: 2013-02-01 @ 4:06pm PT
I agree with Petersen. The cyber network needs to be protected now rather then waiting for people to voice their opinions. What could it hurt?
Posted: 2013-01-30 @ 6:41pm PT
I think we are just plain DOOMED!!
Posted: 2013-01-26 @ 9:42pm PT
Too little too late. We need better understanding and government. Dedicated phone lines, not Internet open-doors for power companies. Doom.
Posted: 2013-01-26 @ 11:10am PT
Posted: 2013-01-26 @ 11:08am PT
The Neo-Cons must be close to having all their Cyber Ducks in row.
File Under False Flag.