Cyberwar is increasingly entering into the mindset of policy makers. Earlier this month, DNI Dennis Blair outlined the cyber threat in his Annual Threat Assessment of the US Intelligence Community, saying that “The United States confronts a dangerous combination of known and unknown vulnerabilities, strong and rapidly expanding adversary capabilities, and a lack of comprehensive threat awareness.”
In a hearing on Tuesday before the Senate Commerce, Science and Transportation Committee, former DNI Mike McConnell, of Booz Allen, told legislators that “If the nation went to war today, in a cyberwar, we would lose. We’re the most vulnerable. We’re the most connected. We have the most to lose.”
McConnell also said that the US is unlikely to really secure cyberspace until a major cyber disaster occurs. “We will not mitigate this risk. We will talk about it, we will wave our hands, we’ll have a bill, but we will not mitigate this risk,” he said.
Mary Ann Davidson, CSO of Oracle Corporation, said “We need to change our collective mindset so that elements of critical cyber infrastructure are designed, developed and delivered to be secure. We do that in part by changing the educational system so that we have a cadre of people who know that critical cyber infrastructure will be attacked – and they build accordingly and defensively.”
“Too much is at stake for us to pretend that today’s outdated cybersecurity policies are up to the task of protecting our nation and economic infrastructure,” said Senator Rockefeller. “We have to do better and that means it will take a level of coordination and sophistication to outmatch our adversaries and minimize this enormous threat. It is that simple. We cannot wait for a crisis to occur, the consequences would be far too grave.”