Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?



When Will U.S. Cyber Alarms Match its Cyber Threats?

Former Secretary of State Madeline Albright recently stated that “the world is a mess.” And indeed it is. From Russia’s stoking of a war of insurrection in the Ukraine to the Israel-Hamas war to conflicts in Syria, Iraq and throughout much of the Middle East and North Africa, large swaths of the world are at war.

Former Secretary of State Madeline Albright recently stated that “the world is a mess.” And indeed it is. From Russia’s stoking of a war of insurrection in the Ukraine to the Israel-Hamas war to conflicts in Syria, Iraq and throughout much of the Middle East and North Africa, large swaths of the world are at war.

But it is instructive to place such events in perspective. In spite of the significant dangers they pose, these conflicts offer but a prelude to even the greater threat to America’s national security which emanate from the increasing worldwide proliferation of cyber weapons.Cyberwarfare Risks

Why? Because these conflicts, no matter how loud, are still like distant thunder; in the world of cyberattacks ground zero is America’s critical infrastructures and ultimately, our way of life.

Updated 9/11 Commission Report to the Rescue?

The July 22 release of “Reflections on the Tenth Anniversary of The 9/11 Commission Report” arrived carrying for many the potential and the hope for enlightenment and national security direction in today’s turmoil-filled world.

First, a step back. The original 9/11 Commission Report concluded that a primary cause of the 9/11 attacks was “a failure of imagination,” an inability to imagine what might happen, not just prepare based on what had happened in the past.

This new report drives this point home: “One lesson of the 9/11 story is that, as a nation, Americans did not awaken to the gravity of the terrorist threat until it was too late.”

The authors then conclude, “History may be repeating itself in the cyber realm.  The Internet’s vulnerabilities are outpacing the nation’s ability to secure it.”

Advertisement. Scroll to continue reading.

Where to From Here?

9/11 repeating itself is not something we want to hear. At this point a few solid prescriptions for action from the Commission would be in order. 

But that was not to be. The report’s alarms quickly dissolve into a treatise about subjects such as working with allies to establish norms of cyberspace behavior and of the importance of improving private sector/government collaboration on cyber threats.

US Cybersecurity Risks

In its analysis, CNN’s biggest takeaway from the report? The importance of informing the American people on what they need to know about the threats of cyberattacks.  An important point but hardly a breakthrough prescription for national security in the cyber era.

It is difficult not to sense that what is missing in this updated report lies in the authors’ tone. Where is their sense of urgency?  The bat to the side of the head that may be an unfortunate necessity if America is to awaken to the consequences of cyber attacks?

Given the report’s descriptions of the many threats facing the United States it is possible to conclude that even the authors had perhaps not fully yet awakened to the magnitude of the dangers looming behind the conclusions they themselves had reached.

Admittedly, the ability to anticipate the nature of future cyberattacks is extraordinarily difficult. Advances in cybersecurity technology can be predicted for only short periods in the future. It is near impossible to predict the geopolitical and economic influences which can shape the nature of tomorrow’s cyberwarfare.

Which brings us back to the aforementioned key finding of the original 9/11 Commission Report: this is where imagination must step in. Such imagination would have formed an invaluable element of this new report, but is missing. In the scope of America’s national cybersecurity, we seem to be blithely passing by this defining need.

One can only hope our nation’s alarm clocks wake up and stir our national leaders’ imaginations before a cyber incident of the magnitude of 9/11 results in the need for a “Cyber Strikes Commission Report.”

Related Reading: US Unprepared for Cyber-Attack: 9/11 Report Authors

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet