Center for Cybersecurity Operations is proposed to protect military, government, and corporate electronics from criminals and other nations….
The U.S. faces a cybersecurity threat of such magnitude that the next President should move quickly to create a Center for Cybersecurity Operations and appoint a special White House advisor to oversee it.
Those are among the recommendations in a 44-page report by the U.S. Commission on Cybersecurity. The bipartisan panel includes executives, high-ranking military officers and intelligence officials, leading specialists in computer security, and two members of Congress.
To compile the report, which is entitled “Securing Cyberspace in the 44th Presidency,” commission members say they reviewed tens of thousands of pages of undisclosed documentation, visited forensics labs and the National Security Agency, and were briefed in closed-door sessions by top officials from Pentagon, CIA and British spy agency MI5. From their research, they concluded that the U.S. badly needs a comprehensive cybersecurity policy to replace an outdated checklist of security requirements for government agencies under the existing Federal Information Security Management Act.
The report calls for the creation of a Center for Cybersecurity Operations that would act as a new regulator of computer security in both the public and private sector. Active policing of government and corporate networks would include new rules and a “red team” to test computers for vulnerabilities now being exploited with increasing sophistication and frequency by identity and credit card thieves, bank fraudsters, crime rings, and electronic spies.
By Keith Epstein
The leader of these Chinese hackers says there “is always a weakness” on networks that allows cyber break-ins.
“We’re playing a giant game of chess now and we’re losing badly,” says commission member Tom Kellermann, a former World Bank security official who now is vice president of Security Awareness at Core Security.
Obama seems on board
Kellermann should know: He had a hand in crafting the nation’s cybersecurity strategy in 2003. But as he tells it, government efforts led by the Homeland Security Dept. have been stymied by bureaucratic confusion and an unwillingness by agencies and corporations to share information about cyber break-ins.
The commission’s report catalogues incidents afflicting financial institutions, large corporations, and government agencies, including some first detailed publicly over the last year in various BusinessWeek articles. In an ominous note for the private sector, the commission notes that “senior representatives from the intelligence community told us they had conclusive evidence covertly obtained from foreign sources that U.S. companies have lost billions in intellectual property.” (For more on the spread of malicious software, read the New York Times article, “Thieves Winning Online War, Maybe Even in Your Computer.” )
Read the rest: