Cyber-security experts: Put trust in the private sector


The government should help, not hinder, technology companies

By Evan Wilt

 

(WNS)–To fully protect the nation from cyber-attacks, the United States needs the private sector to lead the way, according to national security experts.

“We’re going to have to rely on Tim Cook more than we’re going to have to rely on Jim Comey,” former CIA Director Michael Hayden said Oct. 18 at a Heritage Foundation cyber security forum.

FILE - In this Feb. 17, 2016 file photo an iPhone is seen in Washington. FBI Director James Comey hinted at an event in London on Thursday, April 21, 2016, that the FBI paid more than $1 million to break into the locked iPhone used by one of the San Bernardino attackers. (AP Photo/Carolyn Kaster, File)

FILE – In this Feb. 17, 2016 file photo an iPhone is seen in Washington. FBI Director James Comey hinted at an event in London on Thursday, April 21, 2016, that the FBI paid more than $1 million to break into the locked iPhone used by one of the San Bernardino attackers. (AP Photo/Carolyn Kaster, File)

The cyber domain is reshaping the way the government thinks about security, Hayden said. And as threats from enemy nations, terror groups, and rogue hackers grow, U.S. officials need to get out of the way of private sector security innovation.

In February, FBI Director James Comey asked Apple CEO Tim Cook to assist the agency in unlocking an iPhone used by one of the San Bernardino, Calif., terror attackers. The FBI could not get past the phone’s encryption without triggering a failsafe that would have locked the phone forever. Comey wanted Apple to create a way to deactivate the failsafe and allow the FBI unlimited attempts to unlock the phone and access its data.

Cook refused, noting in an open letter the proposed backdoor would put every iPhone at risk.

Comey later pleaded with Congress to find a way to force Apple into helping the FBI, without success.

Hayden thinks Comey had every right to compel Apple to create the software but said that’s not the real issue.

“It’s not a question of is this lawful, it’s a question of is that a good idea,” Hayden said. “Even for a legitimate government activity, how much do we want to make the private sector subordinate to government needs?”

Frank Cilluffo, director of George Washington University’s Center for Cyber and Homeland Security, said these are the kinds of questions the next administration will have to deal with.

“You can’t fight wars, you can’t steal secrets, and you can’t do security without having a cyber capability,” Cilluffo said. “Cyber is its own domain but it also transcends all existing domains of air, land, sea.”

Cilluffo agreed with Hayden’s assessment: Future lawmakers need to create an environment for the private sector to lead cyber-security innovation.

“Government is not going to be the answer here,” he said. “The government has to lead by example, get its own house in order, but it’s ultimately going to be the private sector that’s driving us.”

In June, current CIA Director John Brennan told the Senate Intelligence Committee the government is ill-prepared to counter terrorists online, where groups like Islamic State (ISIS) have been extremely effective at recruiting and radicalizing followers.

Given the robust ISIS influence on social media, U.S. officials would be foolish to think the group won’t eventually turn to attacks against American computer networks, Cilluffo said. Since it’s impossible to defend against every kind of cyber attack, lawmakers need to create a framework for the private sector that allows and encourages innovation.

“They’re the ones who have the most innovative tools, they’re the ones who have the most innovative techniques, and they’re the ones who have, ultimately, a major part of the solution set here,” Cilluffo said.

 




Leave a Reply