U.S. Department of Homeland Security (DHS) Secretary Janet Napolitano shared her latest thinking about the nation’s cybersecurity during a Washington, D.C., symposium on Thursday, Oct. 27, at which she said government continues to struggle identifying who exactly is response for cyberattacks.
The United States faces threats from overseas, both from state actors and from criminal groups in those states.
“We don’t have good attribution in many of these cases,” she said.
Napolitano said the No. 1 type of cyberattack that worries her is one that would damage the nation’s critical infrastructure and cause loss of life or disrupt everyday living. She was vague, though, when asked if the U.S. had already come close to experiencing that type of attack. Napolitano merely said that the DHS is learning from every incident.
Napolitano offered sobering figures, such as that Web-based intrusions have increased 90 percent since 2009. In many cases, the government must rely on corporate players to deal with these threats. According to Napolitano, the country experiences thousands of cyberattacks daily. They include theft of intellectual property, instruction into critical infrastructure via denial-of-service attacks and malware planting, and the infiltration of government networks.
The secretary said she’d like to have “cyber geeks” with expertise in hacking come work for her department. The DHS has been authorized to hire 1,000 additional personnel for its mission, she said. But the department has difficulty hiring qualified personnel because of competition for them from corporations, and many would-be applicants don’t live in the Washington, D.C., area.
Napolitano’s comments came during a cybersecurity symposium at The Washington Post building. The homeland security secretary made brief remarks and then answered questions during a moderated session.
“Cybersecurity is an issue that literally touches everyone,” Napolitano said. Digital systems pervade so many areas of human life, and these systems need protection from cyberthreats.
Private-sector companies manage the bulk of these digital systems, so governments and corporations must work together to safeguard critical infrastructure. “We have to have a concerted public-private partnership to secure that infrastructure,” Napolitano said.
Napolitano said public-private partnerships should be heavily incentivized to motivate organizations to participate in cybersecurity protection. She also said that the international community’s lack of a global framework or standards for cybersecurity is a reason why foreign embassies get hacked.
“There’s a huge vacuum, in my view, in the international world when it comes to cybersecurity,” Napolitano said.