David A. Wheeler's Blog

Tue, 09 Dec 2008

CSIS Cybersecurity Report

The Center for Strategic and International Studies (CSIS) has just released an interesting new report titled “Securing Cyberspace for the 44th Presidency: A Report of the CSIS Commission on Cybersecurity for the 44th Presidency”. The project was co-chaired by Representative James R. Langevin, Representative Michael T. McCaul, Scott Charney, and Lt. General Harry Raduege, USAF (Ret). If you’re interested in getting our computer infrastructure more secure, I think this is worth looking at.

The three major findings were: (1) cybersecurity is now a major national security problem for the United States, (2) decisions and actions must respect privacy and civil liberties, and (3) only a comprehensive national secuirty strategy that embraces both the domestic and international aspects of cybersecurity will make us more secure.

Among their recommendations, they suggest “Regulate cyberspace. Voluntary action is not enough. The U.S. must … set minimum standards in order to ensure that the delivery of critical services in cyberspace continues if the U.S. is attacked… [avoid] prescriptive mandates [and] overreliance on market forces, which are ill-equipped to meet national security and public safety requirements”. I agree that market forces, without any help, aren’t well-equipped to deliver security, but the challenge is in the details… it’s difficult to strike that balance well.

They recommend conducting research and development for cybersecurity - I’m glad they do, that’s vitally important. (I just saw the video The Science of Victory, which briefly discusses the importance of research to U.S. national defense.) CSIS also recommends not starting over - instead, they recommend building on and refining the existing “Comprehensive National Cybersecurity Initiative”.

In any case, computers and computer networks are no longer interesting toys, they are vital services. We need to improve how we protect them.

path: /security | Current Weblog | permanent link to this entry