Back in February, the BiPartisan Policy Center hosted a mock cyber wargame called “Cyber ShockWave,” which examined how the U.S. would respond to a cyber attack. Former DHS Secretary Michael Chertoff served as the head of the mock NSC during the wargame. This week, he wrote a column for Government Computer News on the lessons he feels should be taken from the event.
Chertoff views cybersecurity as an integral part of national security and should be treated as such.
“My view is that cybersecurity issues transcend the protection of personal data or networks from hackers or even organized crime,” he wrote. “Cyber warfare is a major national security issue “” protecting the security and freedom of our networks is as critical as protecting freedom of the seas and space.”
From his viewpoint, Chertoff sees a number of valuable lessons from the event. First, the responsibilities for dealing with a large scale cyber attack against the U.S. are not clearly defined and delineated. Additionally, there is little guidance on how to react and respond to cyber attacks. It is presently difficult for the government and private sector to adequately collaborate to fend off cyber attacks. Finally, the current organizational and legal channels limit the response options to a mutually exclusive law-enforcement approach or international response to halt the attacks.
Chertoff goes on to discuss his policy recommendations and steps he feels should be taken to move the U.S. cybersecurity effort forward. These recommendations include:
1) Determining what are reasonable privacy expectations during a cyber attack
2) Developing clear guidelines regarding what the government is authorized to do or not do
3) Improving public-private partnerships to facilitate the better exchange of information
4) Develop a deterrence and response strategy for state-sponsored cyber attacks
5) Work to develop international standards of acceptable conduct in cyberspace
Chertoff also calls for raising more cyber aware citizens. “Finally, we must recognize that everyone is a combatant in the world of cyber warfare,” he said.
The article can be viewed here