'We are in a Pre-9/11 Cyber Moment' Says NIAC
A new report released by the National Infrastructure Advisory Council (NIAC) has issued stark warnings regarding America’s ability to effectively harness its cyber capabilities.
According to the report, NIAC investigators have “revealed an echo chamber, loudly reverberating what needs to be done to secure critical U.S. infrastructure against aggressive and targeted cyber-attacks,” but despite the repeated warnings, “we’re falling short.”
“The challenges the NIAC identified are well-known and reflected in study after study,” says the report. “There is a narrow and fleeting window of opportunity before a watershed, 9/11-level cyber-attack to organize effectively and take bold action. We call on the Administration to use this moment of foresight to take bold, decisive actions.”
NIAC’s report lists 11 specific steps it sees as necessary, calling “on the Administration to use this moment of foresight to take bold, decisive actions.” The 11 recommendations are:
Establish separate, secure communications networks specifically designated for the most critical cyber networks.
Facilitate a private-sector-led pilot of machine-to-machine information sharing technologies.
Identify best-in-class scanning tools and assessment practices, and work with owners and operators of the most critical networks to scan and sanitize their systems on a voluntary basis.
Strengthen the capabilities of today’s cyber workforce by sponsoring a public-private expert exchange program.
Establish a set of limited time, outcome-based market incentives that encourage owners and operators to upgrade cyber infrastructure, invest in state-of-the-art technologies, and meet industry standards or best practices.
Streamline and significantly expedite the security clearance process for owners of the nation’s most critical cyber assets, and expedite the siting, availability, and access of Sensitive Compartmented Information Facilities (SCIFs) to ensure cleared owners and operators can access secure facilities within one hour of a major threat or incident.
Establish clear protocols to rapidly declassify cyber threat information and proactively share it with owners and operators of critical infrastructure.
Pilot an operational task force of experts in government and the electricity, finance, and communications industries.
Use the national-level GRIDEX IV exercise to test the detailed execution of Federal authorities and capabilities during a cyber-incident.
Establish an optimum cybersecurity governance approach to direct and coordinate the cyber defense of the nation.
Task the National Security Advisor to review the recommendations included in this report and within six months convene a meeting of senior government officials to address barriers to implementation and identify immediate next steps to move forward.
In a statement, Michael Wallace, who co-chairs the NIAC cyber working group, doubled down on the report’s direst warnings, saying, “We find ourselves at a crucial point. We are in a pre-9/11 cyber moment. We have the opportunity to be proactive in this limited window before our nation experiences a watershed cyber-attack, and we’re calling on the administration to take bold and decisive actions.”
