The federal government alone cannot stop the cyber threats against the country, but instead it will take a team of federal agencies, industry partners, academia and international allies, General Keith Alexander said on Thursday.
Speaking at the U.S. Chamber of Commerce 2012 Cybersecurity Summit, Alexander, director of the National Security Agency and commander of the U.S. Cyber Command, said no one federal agency – not even his own – can do it by itself.
“Secretary of Defense Leon Panetta has talked about the possibility of a cyber Pearl Harbor, and we are doing our best to avoid that,” Alexander said, “but the reality is that it’s going to take a vast collaborative effort from inside and outside the federal government.”
Alexander said that NSA and DOD need the Department of Homeland Security to act as a broker with the federal government’s industry partners to share information on security threats facing the country’s critical infrastructure. Alexander added that DHS said it needs assistance from the Federal Bureau of Investigation and other federal partners, such as the National Institute of Standards and Technology.
The government has a vested interest in attacks against industry partners as well, and not only those that deal with critical infrastructure, Alexander said. He called the theft of intellectual property as “death by 1,000 cuts,” as the theft of these ideas risk the loss of revenue for American companies, who in turn would pay less in taxes that the government and military need to operate.
“Think if the plans for Apple’s iPhone were stolen before the company launched,” Alexander said. “It would have cost the company literally billions of dollars in revenue and growth. The reality is that we are all vulnerable, and it’s up to all of us to fight back.”
In his 30-minute talk, Alexander said that increased information sharing between government and industry does not mean a decrease in civil liberties. He compared it to a car driving down the highway, saying ,“we want to know that a malicious car is coming our way, we don’t really care what’s inside of it.”
As the government works to create this level of sharing, Alexander said Cyber Command is focusing on five areas:
- Educating employees to be a highly-trained and disruptive force in the cyber domain
- Creating a defensible enterprise architecture that utilizes cloud computing and virtualization technologies where possible
- Finding better ways to monitor what is going on in cyber space to get a clearer picture of the threats facing the country
- Improving command and control functionality within DOD
- Working with other authorities to create rules of engagement and policies and procedures of how to best work within cyberspace