Cybersecurity is About More Than National Security, It’s About Jobs
Late last year, Iranian and Venezuelan diplomats reportedly met with a shadowy group of hackers in Mexico to plan cyber attacks against American targets, including nuclear power plants.
These types of meetings, between people hostile to the United States and criminals, terrorists, and “hacktivists” who have the know-how to steal our business secrets and attack the systems we depend on for power, water, and transportation are increasingly common. The consequences of these “alliances of convenience” are stark. According to Robert Mueller, the Director of the Federal Bureau of Investigation, American businesses are constantly falling victim to costly cyber intrusions and cyber threats will soon surpass terrorism to become the number one threat to the country.
In fact, the United States is already uniquely vulnerable to cyber attacks. We are more dependent on information technology and less susceptible to traditional forms of attack than any other nation in the world. Moreover, unlike many other countries, over 85% of the critical infrastructure in the United States is owned by the private sector.
This has resulted in two problems. First, members of the private sector are on the frontlines of the cybersecurity fight, but they are largely unable to share information about threats and incidents with each other and the government for reputational and legal reasons. The terrorist attacks of September 11, 2001, taught us how important information sharing is, and that is a lesson we need not learn again.
More serious still, the security measures adopted by the owners of critical infrastructure are inconsistent and uncoordinated. In fact, the companies that invest in the best security are often at a competitive disadvantage. Perversely, the lack of common security standards rewards those who invest the least in security with fatter profits and puts us all at risk.
This sorry state of affairs is not only bad for business, it undermines national security by leaving America vulnerable to blackmail. North Korea, Iran, and others are actively developing the means to undermine America’s hard-earned military superiority by launching potentially devastating cyber attacks against infrastructure and businesses inside the United States.
Any solution to America’s cybersecurity predicament must improve information sharing and strengthen our ability to protect businesses and critical infrastructure. The bipartisan Senate Cybersecurity Act of 2012 is the only bill that does this.
The Cybersecurity Act makes it possible for companies and cybersecurity experts in the government to share information and work together to prevent and disrupt cyber attacks. Senior American intelligence officials have stated publicly that foreign governments are actively working with favored firms to steal research, technology, and, ultimately, jobs from American companies. Last year alone, cybersecurity breaches cost U.S. companies an estimated $100 billion. It is essential that the full resources of the U.S. Government be used to defend American job creators in the virtual world, just as they are in the real world.
Unlike many other proposals, the Cybersecurity Act also provides the owners of the infrastructure that Americans depend on the opportunity to develop some common-sense cybersecurity standards and tasks the government to hold everyone accountable to them. This legislation protects American jobs and recognizes that American business thrives when everyone is playing by the same rules.
Security experts including the Chairman of the Joint Chiefs of Staff, Martin Dempsey, former Director of National Intelligence, Mike McConnell, and former Secretary of Homeland Security under President George W. Bush, Michael Chertoff, support the Cybersecurity Act of 2012. Leading businesses, including Cisco and Oracle, and economists, such as Martin Feldstein, Ronald Reagan’s chief economic advisor, agree that the benefits of action vastly outweigh the costs. It is time to put the interests of the American public and businesses ahead of those of the organized criminals and hostile governments who would do them harm.
Erik Iverson is a Truman Security Fellow. He is a PhD Candidate at The Fletcher School and Tufts University.