By Kevin Coleman Defense Tech Chief Cyber War Correspondent
Any comprehensive approach to cyber security will combine military capabilities, input from the software and information security industries, as well as a number of private sector (civilian) facets. Recently, General Gabor Horvath, Director of Concepts and Capabilities Development for the EU Military, said, “I am convinced there will be a combined civil-military goal in the future” and he isn’t the only one. Lt. General Director of the National Security Agency and the nominee to lead U.S. Cyber Command said many issues related to Cyber Command's operations are yet to be determined and specifically mentioned collaboration with the private sector.
Militaries throughout the world are facing this same issue due primarily to dual-use technologies, but the internet and cyber warfare and defense has taken this to a significantly higher level. What is the difference between a security testing tool and a cyber weapon? The answer is simple: “intent.”
At last count, an estimated 150 countries/militaries are currently developing cyber warfare capabilities. The recent introduction of cyber arms dealers will make sure that number will grow given the number of terrorist groups and criminal organizations that seek these capabilities.
Some other military and government leaders went as far as to suggest leaders from private sector industries that support the critical infrastructure aggressively seek out education and knowledge in the cyber realm. The military, government, law enforcement and the private sector need a common base of understanding and vocabulary with which to communicate. Unfortunately, this is not the case today.
FACT: Between 80 and 85 percents of the U.S. critical infrastructure is owned by the private sector.
Our nation faces unprecedented and unacceptable risks associated with cyber attacks, cyber terrorism, cyber espionage and the possibility of a cyber war. The only sure way we can be successful in the cyber threat domain is through collaboration between the military, government, law enforcement, the private sector, the computer and telecommunications industries, and to a lesser extent even the end users!
It’s vital that some organizations take ownership of this problem and begin to systematically address this growing threat through a partnership of all stakeholders.