Why is the Obama Administration spending $19 billion on government cybersecurity defenses for fiscal year 2017?
This figure is a 36% increase, or $5 billion over what was allotted by the U.S. government for cybersecurity measures for 2016. No doubt it has much to do with the recent ransomware attacks on bureaucratic agencies such as the NSA, FBI, and NASA. A February 2016 report in Tech Republic outlines reasons that have included the hacking of FBI and DHS files, wherein leaked data exposed information about 20,000 FBI employees and 9,000 Department of Homeland Security workers.
Accounting for Information Security
The storing and transmission of information is the cornerstone of business and government power. It’s safety and security is paramount to the ability of companies to properly function. Since the US Government Accountability Office (GAO) labeled the DHS’s system of cyber-defense, or “Einstein” as being ineffective, the issue of government IT network security has come to the fore in technology news. Hence, the pressure put on the Obama Administration to do something about vulnerabilities that could be the worst kind of costly. US-CERT officials working in conjunction with the GAO have said that they, in essence, don’t buy zero-day flaws (or, attacks on previously unknown security flaws) and “as such there is no way to identify such flaws until they are announced publicly”.
Zero-Day Flaw Implications
What this amounts to is a Catch-22 wherein security flaws are essentially only tested by the proxy of hacker attack, but cannot be identified until that “zero day” when they are publicly announced by the government, which will never occur. So, national cyber-defense, then, becomes hacker-tested, hacker-approved, instead of A/B tested and made secure prior to the “zero day” of cyber breach discovery. The U.S. government’s answer? Throw more money at the situation, instead of altering their approach to the problem. Their cyber-defense system is called Einstein, who said, after all, “Problems cannot be solved with the same type of thinking that created them.”
A North American alliance was formed, in effect, on June 29 of this year, when the leaders of all three North American nations met to discuss “an open, interoperable, reliable, and secure Internet to our collective prosperity and security,” according to an article called “Cybersecurity Across North America”. The conference outlaid the implementation of new cybersecurity measures aimed at protecting all commercial sectors of Canada, Mexico, and the United States. This discussion will continue on September 26, 2016 at New America in Washington, D.C. At the event, senior government officials will weigh in on:
- Cyber breach incident response in private and public sectors
- The specific challenges for small business when facing devastating cyberattacks
- Global cybersecurity policies that don’t adversely affect international supply chains
- Initiating and engaging in dialogue between private and public business leaders
2017 aims to be, unsurprisingly, the most ambitious year yet in terms of bolstering global cyber-defenses. Hopefully this will shore up holes that hacker opportunists have until now exploited all-too readily and often.
IT and Cybersecurity for All
What’s good for the goose (government IT networks) is good for the gander of those who look to our leaders to set examples we can look to. Leave it to your local IT management firm to advise you on the best program of cyber-defense possible for your data center and network. SSE Network Services is the leader in providing managed IT services in St. Louis. Have questions? Call (314) 439 - or send us an email at email@example.com.