I wanted to take a moment to discuss an important leadership role that I’ve been involved with over the past year and a half, and one that has grown increasingly critical as news of dangerous cyber attacks make headlines throughout the world.
As a member of the National Infrastructure Advisory Council (NIAC), I, along with other NIAC members, advise the President of the United States on practical strategies for industry and government to reduce complex risks to critical infrastructure sectors.
The Council, which was established by executive order in October 2001, is comprised of corporate executives and former senior government officials. To recommend solutions, we draw on our experiences, engage national experts, and conduct extensive research on physical and cyber risks to critical infrastructure.
As co-chair of NIAC’s Cyber Working Group, I recently assisted in drafting a report on securing cyber assets. This draft, which was released late last month, found that while the nation has the capabilities to defend against cyber attacks, it lacks the coordination to do so effectively.
I found it astounding that we are not organized or coordinated in a way that allows us to apply our resources effectively. Cyber capabilities and oversight are fragmented, and private sector and government roles and responsibilities remain unclear.
Bottom line: the U.S. is not ready to cope with a catastrophic attack aimed at the U.S. power grid, communications systems and other critical infrastructure.
Our country finds itself in a pre-9/11-level cyber moment, with a narrow and fleeting window of opportunity to coordinate our resources effectively.
In our recommendations, we urge the Administration to use this moment of foresight and establish separate communications networks to support critical systems. We also call for bold steps that would rapidly declassify cybersecurity threat information so that front-line infrastructure operators can use it to defend against attacks. We included eleven recommendations in this report.
I know about these cyber threats personally. A massive data breach against my former company, Heartland, was discovered in 2009. It was evidence of just how easily an attack can happen and go unnoticed, with serious consequences for a company and its clients.
This is a national security challenge like no other, and one that requires urgent attention.
I am honored to be assisting my country in such a vital role.