I wanted to take a moment to discuss an important leadership role that I’ve been involved with over the past year and a half, and one that has grown increasingly critical as news of dangerous cyber attacks make headlines throughout the world.
As a member of the National Infrastructure Advisory Council (NIAC), I, along with other NIAC members, advise the President of the United States on practical strategies for industry and government to reduce complex risks to critical infrastructure sectors.
The Council, which was established by executive order in October 2001, is comprised of corporate executives and former senior government officials. To recommend solutions, we draw on our experiences, engage national experts, and conduct extensive research on physical and cyber risks to critical infrastructure.
As co-chair of NIAC’s Cyber Working Group, I recently assisted in drafting a report on securing cyber assets. This draft, which was released late last month, found that while the nation has the capabilities to defend against cyber attacks, it lacks the coordination to do so effectively.
I found it astounding that we are not organized or coordinated in a way that allows us to apply our resources effectively. Cyber capabilities and oversight are fragmented, and private sector and government roles and responsibilities remain unclear.
Bottom line: the U.S. is not ready to cope with a catastrophic attack aimed at the U.S. power grid, communications systems and other critical infrastructure.
Our country finds itself in a pre-9/11-level cyber moment, with a narrow and fleeting window of opportunity to coordinate our resources effectively.
In our recommendations, we urge the Administration to use this moment of foresight and establish separate communications networks to support critical systems. We also call for bold steps that would rapidly declassify cybersecurity threat information so that front-line infrastructure operators can use it to defend against attacks. We included eleven recommendations in this report.
I know about these cyber threats personally. A massive data breach against my former company, Heartland, was discovered in 2009. It was evidence of just how easily an attack can happen and go unnoticed, with serious consequences for a company and its clients.
This is a national security challenge like no other, and one that requires urgent attention.
I am honored to be assisting my country in such a vital role.
Bob, well put and thank you for your efforts. my only suggestion would be to emphasize the importance of real time threat information sharing. As you know, this has been one of the devils in the details that, at least for me, has frustrated coordinated public/private coordination.
Thank you Bob for your dedication to this threat to our nation and citizens! No doubt your insight and knowledge is invaluable! The President and all of us are blessed to have you serve in this capacity.
Too much Emphasis on Selling in the US and. Ot enough efforts on Infrastructure.
Good Job Mr. Carr
Wired Magazine had a very sobering article written by Andy Greenberg on this very subject (https://goo.gl/AqMhoa).
These cyber warfare tools (or, more accurately, weapons) are already being developed, deployed and refined outside the US and our systems are woefully underprepared. One quote from his article – “Tell me what doesn’t change dramatically when key cities across half of the US don’t have power for a month.”
Thanks for your work toward addressing this frightening, and very real issue.
There is a lot to be said for knowing about and having experienced a violation of cyberattacks, but more importantly is having a vision and the wisdom to know what to do to avoid it happening again. Thank you for your passion and serving on this committee.