Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

General Alexander: Organizations Should be Required to Secure Networks

In a letter to Senator John McCain, originally obtained by the Washington Post for a report published last Friday, General Keith Alexander, the director of the NSA and current commander of the U.S. Cyber Command, says that the U.S. should implement policy that would require hardened network defenses.

In a letter to Senator John McCain, originally obtained by the Washington Post for a report published last Friday, General Keith Alexander, the director of the NSA and current commander of the U.S. Cyber Command, says that the U.S. should implement policy that would require hardened network defenses.

In Senator McCain’s letter, he asked General Alexander to explain what additional authorities he believed were necessary in order to defend the U.S. from a cyber attack initiated by a peer-competitor like China or Russia.

In his response, the head of the U.S. Cyber Command told the one-time presidential hopeful that legislation is needed for “information sharing and core critical infrastructure hardening,” adding that if the Department of Defense is to defend the nation against cyber attack, it must be able to see those attacks in real time.

Cyber Command“This requires legislation that, at a minimum, removes existing barriers and disincentives that inhibit the owners of the critical infrastructure from sharing cyber threat indicators with the Government,” General Alexander wrote.

“Additionally, given DoD reliance on certain core critical infrastructure to execute its mission, as well as the importance of the Nation’s critical infrastructure to our national and economic security overall, legislation is also needed to ensure that infrastructure is efficiently hardened and resilient. Recent events have shown that a purely voluntary and market driven system is not sufficient.”

He believes that some minimum-security requirements are necessary in order to ensure critical infrastructure is taking “appropriate measures to harden its networks…” At the same time, he added, it is important that legislative requirements not be too burdensome.

When asked which agency within the federal government has the most cybersecurity expertise and is most capable of protecting critical infrastructure, General Alexander said that none of them are.

“No single public or private entity has all of the required authorities, resources, and capabilities; cybersecurity requires a team… protecting our national interest in the cyber realm requires a team effort consisting of DHS, FBI, NSA/CSS and USCYBERCOM.”

The entire letter is worth a read. It was recently published in full by PublicIntelligence.net.

Advertisement. Scroll to continue reading.
Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

The US arm of networking giant TP-Link has appointed Adam Robertson as Director of Information and Security.

Raj Dodhiawala has been named Chief Product Officer at Eclypsium.

Cyber exposure management firm Armis has promoted Alex Mosher to President.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.