A survey of federal IT officials published on Tuesday by a computer security firm reports that a third of respondents in agencies tied to national security experienced a cyberattack by a foreign nation or terrorist organization over the last year.
Nearly three-quarters of the 72 respondents who work in national defense and security departments or agencies also said the possibility is "high" for a cyberattack by a foreign nation in the next year, according to officials at Lumension Security, the data protection firm that sponsored the study. Thirty-three percent of those respondents said they already have experienced such a cyberattack within the last year.
But more than half of the 201 total respondents from security and non-security agencies expect the recent appointment of a federal cybersecurity coordinator will produce only minor policy changes.
"Unfortunately, when it comes to our infrastructure, we are already under attack and are faced with the reality of a growing and advanced persistent threat from foreign entities that are targeting our critical U.S. infrastructure," Pat Clawson, Lumension's chairman and chief executive officer, said in a statement. "The traditional government responses we've seen so far, such as naming a security coordinator, announcing a cybersecurity initiative and focusing on compliance initiatives will not alone successfully address this problem."
Meanwhile, House lawmakers are pushing for legislation that would mandate the creation of a cybersecurity director as a permanent position.
Clarus Research Group conducted the study in late February on behalf of Lumension Security.



COMMENTS
It's hard to separate "the sky is falling" claims of the network folks who seem to have a self-serving interest in perpetuating this claim from the real facts about network security. Of course the DOD is part of "the sky is falling" community even though their charter only covers the military part of the network which is rather small in comparison to the commercial part of "the vital infrastructure". DHS who has the responsibility for protecting the largest part of the network, that is the commercial part, isn't singing "the sky is falling", which may mean that the DOD and their network security community is trying to leverage this scare as a tactic to getting a bigger piece of the budget. It could also mean that DHS is asleep at the switch. More than likely, it's the former since surely the entire commercial community who now depend on "vital infrastructure" as much if not more than DOD aren't yelling "the sky is falling". Think of it this way. Remember Y2K when the DOD was yelling "the sky is falling"? Remember that the commercial community had much more at stake than DOD? Did the commercial community respond appropriately, or in other words, did the sky really fall? Did DOD or the network security community have anything to do with preventing the sky from falling or did reasonable planning by the private sector prevent it? Perhaps it's time for the fanatics to start believing the stuff they keep preaching about the power of the market. On the other hand if DOD wants to continue throwing $B at information technology instead of recapitalizing its aging guns that the private sector may need to call upon to do what the private sector can't do, then maybe we ought to start teaching Chinese in schools.
Truth and Justice 04/07/10 02:15 pm ET