Melissa Hathaway, who led President Obama’s Cyberspace Policy Review, now says the Administration and Congress don’t seem prepared to make the short-term sacrifices necessary to secure the Internet.
Hathaway co-signed an op-ed article in today’s Washington Post with Jack Goldsmith, a former assistant attorney general in the Bush Administration. The bipartisan byline captured my attention.
Citing the numerous reviews (including the one Hathaway just completed, the authors conclude: “We know what the road toward security looks like; the hard part is getting the government to travel down it.”
Threats from cyber-attackers, some sponsored by governments, are becoming more apparent every day (see my recent post.) And our exposure and vulnerability to computer disruptions are growing. Tomorrow it won’t be only Google, or (heaven forbid) the power plant or hydroelectric dam. Networked computers are playing a bigger role in traffic management, and are creeping into our health care records and even into our home appliances.
Hathaway and Goldsmith hint at how truly addressing the problem would restrict the private sector, change government and make our online activities more expensive. Looking at some bills in Congress on the subject gives an ideas of some of the adjustments business and consumers would have to make. One would require your ISP to notify you if your computer has become infected with a virus.
If you want a contrary view, read the recent article by Evgeny Morozov in the Wall Street Journal. Still, the stronger software standards and better cross-government coordination advocated by Hathaway and Goldsmith seem reasonable to contemplate.
Any real solution will be a classic case of short-term pain versus long-term gain, with the gain hard to imagine until we encounter a worst-case scenario. The situation is kind of like the uncontrollable oil spill in the Gulf of Mexico.
Disclosure: I work for CSC, a global information technology services company that has a strong suite of offerings in cybersecurity.
