Washington, D.C. – To ensure
America is fully prepared to prevent future cyber attacks, U.S. Senator Kirsten
Gillibrand announced Senate passage of a legislative provision she authored
that would require a full assessment of the military’s needs for additional
cyber security personnel and training and harness private sector resources to
strengthen U.S. preparedness. The language was included in the Defense
Reauthorization Bill that passed the Senate this evening, and will now go to
the President for his signature.
“Cyber security is a top priority for
our national security,” Senator Gillibrand said. “Devoting more attention to
exploring our technological vulnerabilities and mounting an aggressive defense
against cyber attacks and cyber terrorism has become a national security
imperative. Additional reports to Congress should focus on these issues.
We must have a comprehensive review of our cyber security needs, and the
inclusion of this provision will work to ensure that we have the resources we
need to protect us from cyber attacks.”
The language included in the Defense
Authorization bill would require the Secretary of Defense to submit a report to
Congress within one year on the state of cyber security and recommendations to
increase cyber expertise. The report would specifically include:
- An
assessment of the military’s needs for additional cyber security personnel and
training. - The
training and career development process for cyber security professionals. - Incentive
programs to recruit and retain cyber personnel, and potential obstacles to
recruitment. - The
effectiveness of education and outreach efforts to attract cyber personnel. - The
use of civilian and military personnel to fulfill cyber security needs. - Efforts
to coordinate with private sector and industry resources, and establish
public-private partnerships to improve the availability of cyber
personnel.
According to some estimates, government
and industry currently has access to less than 1,000 highly skilled cyber
security experts, but the need is as high as 20,000 to 30,000 individuals
capable of protecting the nation’s networks.
Recent cyber attacks against U.S.
intelligence and military targets have resulted in the U.S. Department of
Defense (DOD) spending more than $100 million in the first six months of 2009
to repair damage to networks caused by cyber attacks. A report from the Center
for Strategic and International Studies says that U.S. companies have lost
billions in intellectual property because of cyber attacks.
The CSIS report also stated that cyber
attacks have joined terrorism and weapons of mass destruction as one of the
new, asymmetric threats that put the U.S. and its allies at risk. A growing
array of state and non-state actors, such as terrorists and international
criminal groups are targeting U.S. citizens, commerce, and the information
infrastructure of America, including the Internet, telecommunications networks,
computer systems, embedded processors and controllers in critical industries to
steal, exploit, disrupt or destroy information.
Cyber exploitation activity has grown
more sophisticated and targeted over the past year and is expected to increase.
Relevant international cyber security agreements focus only on issues relating
to cyber crime and common operating standards and have not been signed by
certain countries from which cyber attacks may be launched.
Earlier this year, Senator Gillibrand
introduced innovative legislation to stem the threat of a global cyber attack.
The Fostering
a Global Response to Cyber Attack Act would bring the U.S. together
with its allies in the international community to harness the strength of their
partnerships, and create the right defense to protect Americans and the
citizens of all nations from cyber attacks.