Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

General Alexander: Organizations Should be Required to Secure Networks

In a letter to Senator John McCain, originally obtained by the Washington Post for a report published last Friday, General Keith Alexander, the director of the NSA and current commander of the U.S. Cyber Command, says that the U.S. should implement policy that would require hardened network defenses.

In a letter to Senator John McCain, originally obtained by the Washington Post for a report published last Friday, General Keith Alexander, the director of the NSA and current commander of the U.S. Cyber Command, says that the U.S. should implement policy that would require hardened network defenses.

In Senator McCain’s letter, he asked General Alexander to explain what additional authorities he believed were necessary in order to defend the U.S. from a cyber attack initiated by a peer-competitor like China or Russia.

In his response, the head of the U.S. Cyber Command told the one-time presidential hopeful that legislation is needed for “information sharing and core critical infrastructure hardening,” adding that if the Department of Defense is to defend the nation against cyber attack, it must be able to see those attacks in real time.

Cyber Command“This requires legislation that, at a minimum, removes existing barriers and disincentives that inhibit the owners of the critical infrastructure from sharing cyber threat indicators with the Government,” General Alexander wrote.

“Additionally, given DoD reliance on certain core critical infrastructure to execute its mission, as well as the importance of the Nation’s critical infrastructure to our national and economic security overall, legislation is also needed to ensure that infrastructure is efficiently hardened and resilient. Recent events have shown that a purely voluntary and market driven system is not sufficient.”

He believes that some minimum-security requirements are necessary in order to ensure critical infrastructure is taking “appropriate measures to harden its networks…” At the same time, he added, it is important that legislative requirements not be too burdensome.

When asked which agency within the federal government has the most cybersecurity expertise and is most capable of protecting critical infrastructure, General Alexander said that none of them are.

“No single public or private entity has all of the required authorities, resources, and capabilities; cybersecurity requires a team… protecting our national interest in the cyber realm requires a team effort consisting of DHS, FBI, NSA/CSS and USCYBERCOM.”

The entire letter is worth a read. It was recently published in full by PublicIntelligence.net.

Written By

Click to comment

Expert Insights

Related Content

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Audits

Out of the 335 public recommendations on a comprehensive cybersecurity strategy made since 2010, 190 were not implemented by federal agencies as of December...

Cybersecurity Funding

Forward Networks, a company that provides network security and reliability solutions, has raised $50 million from several investors.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Network Security

Cisco patched a high-severity SQL injection vulnerability in Unified Communications Manager (CM) and Unified Communications Manager Session Management Edition (CM SME).

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...