October is National Cyber Security Awareness Month, a campaign to spread awareness about the growing risks of cyber crime and the importance of enhancing data security in our computer networks. We live in a world that is increasingly interconnected and reliant upon the Internet and computer softwares, and the digital universe is endlessly expanding with new information and devices. Cybersecurity resources must attempt to keep up with and protect the increasingly complex cyberspace as new devices and technology networks are digitally connected. Each additional smartphone, network, mobile application, and technological device is a vulnerable target for potential hackers.
As hacking threats and data breaches continue to emerge, cybersecurity has become a primary concern for governments, public and private enterprises, and individual consumers. Hackers have been able to infiltrate the IT infrastructures of governments and organizations with greater frequency and sophistication, often compromising private, confidential information. Hackers frequently sell this data on the cyber black market, particularly personal information like social security and credit card numbers. Cyber crime may also be committed by international organizations or other nations to attack and damage another nation-state’s computer systems, which could affect critical national infrastructure and endanger American citizens and businesses.
Given the growing threats of cyber crime, governments and enterprises are placing a priority on strengthening their cyber security to protect IT systems against cyber attacks. Many organizations are using software encryption to deter potential hackers. Additionally, the federal government released the Cybersecurity National Action Plan (CNAP) that outlines a series of initiatives to modernize government IT and transform how the government manages cybersecurity. Through the CNAP, the federal government plans to develop a $3.1 billion Information Technology Modernization Fund to facilitate the replacement and modernization of old, outdated IT systems that are difficult to secure and expensive to maintain. A new position, the Federal Chief Information Security Officer, has also been created to drive these changes and create a coherent response to cyber defense. The President’s Fiscal Year 2017 budget includes over $19 billion of funds to be allocated towards spending on cybersecurity resources. Renewing and rebuilding government IT infrastructure is critical for better data security and protection.
As federal and local governments focus on strengthening their IT infrastructure, cybersecurity presents an opportunity for strategic public-private partnerships. Private technology firms have developed efficient, strategic softwares that can protect government IT systems in cost-effective, secure ways. I learned about this type of technological innovation firsthand during my summer internship at VMware, a technology company that provides cloud and virtualization software and services to public sector and private organizations. Through my internship, I supported VMware’s public sector team, which focuses on reducing the cost and IT complexity of education and state and local government services. VMware has developed innovative technologies to increase network security and firewall capabilities, disaster recovery, IT agility, and public and private cloud integration. These technologies help detect and eliminate cyber threats at all levels of government and educational institutions. VMware Chief Information Officer Bask Iyer explains, “For the foreseeable future, it’s clear that we can no longer afford to entertain the idea that our current security efforts are sufficient. But we can engage and take back control of our digital world.”
Cybersecurity has been a highly-debated topic in the upcoming presidential election. After the first presidential debate, it became clear that the candidates have different approaches regarding cybersecurity issues and solutions. In response to a question about how they would address cybersecurity challenges and growing international threats, Hillary Clinton explained, “I think cybersecurity, cyberwarfare, will be one of the biggest challenges facing the next president because, clearly, we’re facing at this point two different kinds of adversaries. There are independent hacking groups that do it mostly for commercial reasons to try to steal information that they then can use to make money. But increasingly, we are seeing cyberattacks coming from states, organs of states. The most recent and troubling of these attacks has been Russia.” Clinton called for a stronger stance on cyberattacks and emphasized, “We are not going to sit idly by and permit state actors to go after our information, our private-sector information or our public-sector information.” Clinton also brought up the importance of public-private partnerships, especially with regards to ISIS and cyberterrorism: “I think we need to do much more with our tech companies to prevent ISIS and their operatives from being able to use the Internet to radicalize, even direct, people in our country, in Europe and elsewhere.”
Donald Trump responded by emphasizing that cyberattacks can come from anywhere, including individuals sitting on their couches at home: “As far as the cyber, I agree to parts of what Secretary Clinton said. We should be better than anybody else, and perhaps we are not. I don’t think anybody knows it was Russia that broke into the DNC. She’s saying ‘Russia, Russia, Russia,’ but I don’t know–maybe it was. It could be Russia, but it could also be China. It could also be lots of other people. It could also be somebody sitting on their bed that weighs 400 pounds.” Trump agreed that we need to focus on increasing our cybersecurity, explaining, “We have to get very, very tough on cyber and cyber warfare. It is a huge problem. The security aspect of cyber is very, very tough and maybe it’s hardly doable, but I will say we are not doing the job we should be doing.”
As technologies continue to evolve, there is no simple solution to cyber threats. However, with increased public-private partnerships between the government and technology firms, the development of a coherent national action plan, and additional funding towards cyber security, we can bolster our data protection and security to detect and deter potential cyber attacks.