For the past couple of years, Gen. Keith Alexander, the head of the National Security Agency and U.S. Cyber Command, has been outspoken in warning that private-sector computer networks, upon which the U.S. economy depends, are vulnerable to intrusion. Gen. Alexander stated repeatedly that such attacks should be met with stronger defenses that would require the sophisticated tools of the government. He argued this case before Congress, which considered legislation that would have eased the way for closer cooperation between the government and the private sector. The legislation made sense, but Congress failed to reach agreement on a bill in the last session.
Now, a new factor has intervened that seems to have further darkened the prospects for legislation: the disclosure by Edward Snowden, the former government contractor, of wide-ranging telephone and Internet surveillance of Americans by the NSA under Gen. Alexander’s leadership. The revelations of broad NSA surveillance have raised fresh doubts in corporate executive suites about closer collaboration.
The House passed cybersecurity legislation in April, but its chances in the Senate appear to have evaporated. As Congress was balking, President Obama stepped in in February with an executive order that included some modest steps to help companies deal with cyberthreats. But his order does not go as far as what’s needed.
Now, the political ground has shifted, and the U.S. government is not going to come to the rescue any time soon of companies under siege by cyber burglars and bullies. The debate must shift to how data networks can be secured by the companies and organizations that own them.