Cybersecurity, Terrorism and the Need for US Action
It's old news that a federal agency, using easily available software off the internet, discovered that they could shut down the power grid in major cities, disrupt 911 service and damage the computer systems on a US Navy Cruiser.

It's last year's news that a senior Pentagon official discussed the use of "cyber sanctuaries" by terrorists who can use the sites to "conceal their identities, to move money, to encrypt messages, even to plan and conduct operations remotely."

It's current news that federal agencies received an average grade of D+ in the fifth annual Federal Computer Security Grades handed out by the Chairman of the House Government Reform Committee. It's disturbing news that the Department of Homeland Security, the federal agency with primary responsibility for protecting the nation's cybersecurity, received an F for the second year in a row. As Rep. Davis explained, "The vulnerabilities of our systems are significant and the potential damage that can be done is almost unspeakable."

Along with the cybersecurity report card, the Chairman introduced "a new program to provide chief information security officers with best practices and support from the public and private sector. The CISO Exchange will bring together industry and agency security experts in quarterly meetings to discuss issues and lessons learned, and produce a report on federal IT security priorities and operational issues."

The CISO Exchange is an important step in protecting US cybersecurity, but it is only a step. There is an evident and pressing need for greater action and cooperation by federal agencies and private sector stakeholders to work together to improve IT security. Certain federal agencies may require additional resources to undertake and fulfill their missions. Although budget cutbacks are understandably underway, it is difficult to imagine a much higher priority than cybersecurity.