A Complex Situation

By Kevin Coleman -- Defense Tech Cyberwarfare Correspondent

The last few days has shown the complex, threat ridden environment that cyber has become while at the same time how unprepared we are at this point to address these challenges. RSA/EMC a critical player in cyber security, disclosed they suffered a breach and some information was exfiltrated. The organization quickly moved and briefed their customers and advised them as to what actions to take.  At the same time Sen. Susan Collins (R-Maine), the ranking member of the Senate Homeland Security and Governmental Affairs Committee stated that a serious attack on one of the country’s largest technological security providers this week is an “urgent” sign for Congress to pass comprehensive cyber security legislation. Collins used statistics provided last March by the Senate sergeant at arms that showed “the executive branch agencies and the Congress are probed or attacked an average of 1.8 billion times per month.” That is nearly 3.5 times a minute and keep in mind the attackers only have to be successful once while our defenders have to get it right every time.

Then, Gen. Keith Alexander, head of U.S. Cyber Command, told members of Congress that he would give the military a grade of "C" for its cyber protection capabilities. It is widely believed that a large scale cyber attack would quickly tax the current resources. In fact, some have openly stated that the U.S. military does not have the trained personnel or the legal authority required to address this rapidly growing threat. General Alexander was just quoted as saying, "we are finding that we do not have the capacity to do everything we need to accomplish. To put it bluntly, we are very thin, and a crisis would quickly stress our cyber forces.”

It is looking like pundits are right. It will take a major cyber attack with substantive impact before we get out of neutral and address this critical issue.