While a “cyber Armageddon” doesn’t appear imminent, cyber attacks are a serious challenge to U.S. national security and demand greater attention from American leaders, according to a new study from the Center for a New American Security (CNAS).
In the America’s Cyber Future, Security and Prosperity in the Information Age report, the CNAS says approximately 1.8 billion cyber attacks are aimed at Congress and federal agencies every month. “Foreign cyber intruders have penetrated America’s power grid, and while their intentions are unclear, the potential for harm is considerable,” the report states. The cyber threat to the U.S. military is also growing.
However, despite efforts by the U.S. government and private sector to strengthen cyber security, the sophistication of cyber threats and attacks continue to outpace progress.
The report makes a number of suggestions. The first is to adopt a comprehensive strategy for a safe and secure cyberspace where the Department of Homeland Security (DHS) should strengthen its capacity for risk assessment and incident response. The report urges Congress to pass legislation that creates a new quasi-governmental “fusion” center to improve information sharing, clarifiy DHS’s legal authority to monitor US government networks, enable Internet service providers to better cooperate with the US government, and bolsters cyber security education and recruitment programs.
Next, the report recommends the creation of a report called an International Agenda for Cyber Security that outlines key international security. The report also suggested the US government increase the economic, political and military costs for cyber attackers while defending against them more effectively. This can be accomplished by better clarifying legal authorities related to military and intelligence cyber operations, improving cyber defenses, sustaining America’s offensive military advantage in cyberspace, implementing a cross-domain prevention strategy, and ensuring that the US military can operate in a command and control environment degraded by cyber attacks, and tap into the National Guard and Reserves for high-tech cyber skills.
Federal agencies devoted 15.6 percent of their total IT budgets to cyber security, with the biggest part of the overall $12 billion cyber security budget (74 percent) going to personnel costs. Private contractors remain an integral part of this workforce, representing 32 percent of the Department of Defense’s (DOD) cyber security personnel and 54 percent of non-defense agencies’ cyber security personnel.
The Obama administration’s Fy 2012 budget request asks for greater spending on cyber security. The request outlines $548 million for government-wide cyber security research, development and education, which is a 35 percent increase from Fy 2010.