The cyber element has been a staple of global threat assessments for quite some time. Last week’s Worldwide Threat Assessment delivered by US Director of National Intelligence James Clapper was no exception. Testifying at the Senate Armed Services Committee, Clapper explicitly sidelined the often-hyped ‘Cyber Armageddon’ (aliases: Cyber Pearl Harbor, Cyber 9/11) lingo, suggesting instead that the greatest cyber threat to the United States is ‘an ongoing series of low-to-moderate level cyber attacks from a variety of sources over time, which will impose cumulative costs on U.S. economic competitiveness and national security’.
That assessment comes as Washington ramps up its efforts concerning cyberspace. The President announced a range of executive actions in the lead-up to the State of the Union Address including the formation of a new agency to integrate intelligence about cyber threats, Congress is poised to finally move on much-needed legislation, the CIA is integrating cyber into its mission, the White House has proposed a new online privacy bill and the FCC has approved net neutrality rules.
Australia has had its own, somewhat more modest, successes recently, including the announcement of a 6-month cybersecurity review. The review has the potential be a great first step to reinvigorate national cyber efforts.
One primary issue the review will have to address is information sharing with and between the government and the private sector, a pervasive challenge for governments and businesses across the globe. The Department of Prime Minister & Cabinet can look to an interesting new report from the Atlantic Council’s Cyber Statecraft Initiative for some ideas: Breaking the Cyber-Sharing Logjam notes information sharing as one of the last great barter economies, and calls for market solutions to bridge the trust deficit and boost information sharing.
But even if the review hits the info sharing nail on the head, will it be enough to ensure a safe, secure, and trusted cyber environment for Australia?
Greg Austin, visiting professor at the Australian Centre for Cyber Security, has suggested the government is overlooking the important link between national security, cybersecurity, and the digital economy. Austin writes that ‘a cybersecurity strategy without a plan for globally competitive innovation in the digital economy is like building an ever-stronger wall while the building it protects gradually falls into disrepair’.
While the boom in cyber terms has resulted in some comic hashtags, twitter handles, and quizzes, there are serious consequences to the use, misuse, and overuse of the term ‘cyber’. Chief Information Security Office at Yahoo, Alex Stamos, has suggested that cyber-buzzwords are short-circuiting a debate on an important issue while Michael McNerney, former cyber policy adviser in the Office of the Secretary of Defense, has suggested the term ‘means nothing,’ covering everything from information security to robotics, virtual reality to cybersex. Jason Healey has suggested that the misuse of terms and clichés ‘accurately reflects the lack of deep thinking’ in policy circles. But there are signs that the debate is maturing. With the Worldwide Threat Assessment as an exemplar, there are signs that officials are increasingly eschewing the use of the term ‘cyberwar.’
On the other hand, if you aren’t sick of the proliferation of cyber, CSI:Cyber is finally hitting the small-screen. Just don’t get your hopes up as reviews have called the latest in the CSI franchise ‘a particularly tired exercise.’