Is It Time for Federal and State Leaders to Improve Cybersecurity Efforts?

Seven Ways to Improve Cybersecurity Through Behavioral Analysis

Is 2016 the year that we make cybersecurity an election issue? Or has it finally become one of the few areas we can all (almost) agree needs to be a governmental priority at all levels?

Yes, I know, we’re still nine months away from 2016, but we all know that politics doesn’t care about a calendar. Two cybersecurity issues in political landscape stories caught my eye today, which leads me to believe that this is an issue that people are starting to care about.

First, there was the announcement that the House Intelligence committee unanimously approved threat-sharing legislation. This comes on the heels of the corresponding Senate committee passing similar legislation with only one nay vote. When was the last time Congress agreed that much on anything?

According to the National Journal, the House bill will encourage companies to openly discuss cybersecurity issues:

The House bill seeks to entice companies into voluntarily sharing more “cyberthreat indicators”—or computer data related to cybersecurity—with the government by offering them expanded liability protections for doing so. By sharing and analyzing greater amounts of data, backers of the bill say, government agencies and businesses can more effectively detect, minimize, and possibly even prevent debilitating hacks like the one that recently crippled Sony Pictures.

There are still a lot of concerns about data privacy, and obviously, I don’t expect the legislation to pass so easily in a full Congress. However, it is good to see that on some level, there is a growing recognition that cybersecurity should be addressed and there has to be more compromise between the public and private sectors.

For the most part when I’ve talked about cybersecurity-related legislation, it has been on the federal level. That is where it needs to be, since the Internet doesn’t neatly fit into state borders. However, the second article that I read pointed out that states have a responsibility to promote better cybersecurity, too.

Dave DeWalt, CEO of FireEye, plans to address the National Governors Association (NGA) next week to discuss the state’s role in increasing cyberdefenses. DeWalt was quoted on MarketWatch in a release about his attendance at the NGA summit:

The data on state networks and the critical infrastructure supported by our states is attracting the attention of a growing number of today’s cybercriminals. Government officials, who are typically prepared to address natural disasters, are now recognizing that states need to be prepared for cyberattacks.

In December, I predicted that 2015 would be the year that government leaders finally do something about cybersecurity. I’m going to go out on another limb and suggest that in 2016, smart candidates will add cybersecurity to their platforms and will make it a top priority for discussion. When we see the increase in breaches and vulnerabilities, as well as the growing concern of Internet espionage, I don’t see how anyone in a leadership role can stay silent or ignore the topic anymore.

Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom’s Guide. You can reach Sue via Twitter: @sueporemba.