Pass It On
The United States does not possess a sufficient cyber security framework. Over eighty-five percent of the critical infrastructure in the United States is controlled by private industry. The greatest concern is an intentional cyber attack against electronic control systems that regulate thousands of interconnected computers, routers, and switches. The centralized computer networks controlling the U.S. infrastructure presents tempting targets.
Generally, there are four types of cyber attacks. First, the most common, is service disruption—which aims to flood the target computer with data packets or connection requests, thereby making it unavailable to the user. The second type is designed to capture and control certain elements of cyberspace in order to use them as actual weapons. The third category of cyber attack is aimed at theft of assets from, for example, financial institutions. The fourth category of cyber attack can be a conventional explosive attack on a physical structure, such as a building.
The government’s approach to cyber security has been one of cooperative engagement and not mandatory regulation. Unfortunately, cooperation between the government and the private sector has been weak. Very few private companies have exhibited interest in joining the cyber security effort to the degree that the various government strategies require. Partnering the private industry with the government is imperative to an effective cyber security system.
Jeffrey F. Addicott, Cyber Security and the Government/ Private Sector Connection, 21 Pass it On 1, Spring 2012.