Barack Obama today delivered remarks at Purdue University in which he laid out a set of national security priorities. He specifically identified “nuclear, biological, and cyber threats – three 21st century threats that have been neglected for the last eight years.”
He explains in the speech — in so many words — that by “neglected” he means underinvested in and deserving of greater priority. It can be said that when everything’s a priority, nothing is. But if you read the whole speech Senator Obama makes the case that its wiser to focus on the ways in which we are vulnerable as opposed to focusing on the specific enemies. Sounds weird, but it makes sense to suggest that, while national security is broadly defined, we must focus on the threats that can be presented, regardless of the adversary.
For example, while it may be al Qaeda that seeks to use bio-terrorism, we need to focus on defeating that threat if it is employed by any enemy. Same goes for nucs and cyber. And since I’m still here at Maxwell AFB for the Air Force Cybersecurity Symposium, following are Obama’s proposals on addressing cyber threats:
Every American depends – directly or indirectly – on our system of information networks. They are increasingly the backbone of our economy and our infrastructure; our national security and our personal well-being. But it’s no secret that terrorists could use our computer networks to deal us a crippling blow. We know that cyber-espionage and common crime is already on the rise. And yet while countries like China have been quick to recognize this change, for the last eight years we have been dragging our feet.
As President, I’ll make cyber security the top priority that it should be in the 21st century. I’ll declare our cyber-infrastructure a strategic asset, and appoint a National Cyber Advisor who will report directly to me. We’ll coordinate efforts across the federal government, implement a truly national cyber-security policy, and tighten standards to secure information – from the networks that power the federal government, to the networks that you use in your personal lives.
To protect our national security, I’ll bring together government, industry, and academia to determine the best ways to guard the infrastructure that supports our power. Fortunately, right here at Purdue we have one of the country’s leading cyber programs. We need to prevent terrorists or spies from hacking into our national security networks. We need to build the capacity to identify, isolate, and respond to any cyber-attack. And we need to develop new standards for the cyber security that protects our most important infrastructure – from electrical grids to sewage systems; from air traffic control to our markets.
For a brief speech, this was about as much detail as we can expect from a candidate. However, the next president is going to have to delve into such challenges as how effectively to draw the line between monitoring, detecting, dissuading, deterring, and defeating cyber threats. And should we actually endure an attack, we’ve yet to carve out our conops for response, recovery, and retaliation. What does it mean to retaliate for a cyber attack that steals secrets? Or one that shuts down an electrical grid, leading to actual casualties? Or one that isolates our armed services from its chain of command?
Cyber security ought to be a presidential priority and it is positive to see Senator Obama call it out as a strategic concern. We’ll see if John McCain is focused on cyber should his campaign offer a counter-speech.