Press Release - The President Must Prioritize Cybersecurity
The United States helped drive the information revolution and created the internet. We benefit tremendously from the open and dynamic architecture of an internet that has become the backbone of global communication and commerce.
Given the reliance of the United States government and the private sector on the internet, it is disturbing we remain vulnerable to its disruption and misuse. We have ceded the initiative to those who wish to steal, disrupt, and destroy the intellectual property, personal information, and treasure we entrust to the internet, and, in so doing, we have allowed these adversaries to threaten our citizens' inherent right to a trusted, free and open internet.
It doesn't have to be this way.
I recently visited Estonia, a country of 1.3 million people that, after escaping Soviet Communism, aggressively pursued free market economic reforms and sought to make Estonia a leader in the internet economy. Their plans were severely disrupted when a 2007 cyberattack sourced to Russia temporarily crippled the small country's internet-reliant government and economy. But the Estonians picked themselves up and, with leadership and serious effort, turned their vulnerability into a strength. Today, Estonia is at the forefront of the internet economy and a leader not only in connecting its citizens but also in protecting their data and networks from intrusion.
Estonia's lesson is a good one for us — if you rely on the internet, you need to invest in protecting it. This is a lesson for average citizens, IT managers, and government bureaucrats alike, who need to take proactive steps to educate themselves and protect their data, but, above all, it is a lesson for the Commander in Chief.
Our military, government, and economy rely on the internet to function effectively. There is no going back; our relationship with networks of information must evolve and adapt with the internet's own evolution. Something so important must be a priority for the U.S. government, and yet it is not.
Effective cybersecurity involves far more than technology, engineering, firewalls, or perimeter defenses. It begins with an appreciation of the extraordinary contributions the internet makes to our economy, our education system, our culture, and our society. We must understand the importance of the internet's infrastructure, the data it contains, and the responsibilities of those who build, sustain and use it to ensure its robust defense. That includes all of us — individuals, educators, the private sector, and the government all working in concert to achieve the promise of the internet — and this is where Presidential leadership is so important.
The President can issue an Executive Order or give a speech about cybersecurity, but without sustained leadership and determined implementation — including a concerted effort to work with the Congress — we will not adapt to meet the growing threats. Recent high-profile intrusions into private and government networks suggest we are not meeting this challenge.
The recent example of the Office of Personnel Management is emblematic of the cultural failure of the Obama Administration to take these threats seriously. A recent Inspector General report indicates that vulnerabilities to OPM's systems had been identified as much as a year ago. And no one can suggest the government did not understand the value of millions of personnel records — many of which included the intrusive and sensitive personnel questionnaire (the "SF-86"). OPM officials knew this data was valuable, knew it was sensitive, and knew it was vulnerable. What use is it that President Obama issued an Executive Order or gave a thoughtful speech about cybersecurity if his own Office of Personnel Management — the human resources department of the entire US Government — failed to take basic steps to protect the sensitive personal information of millions of its employees?
Where is the accountability? What consequences will there be for political appointees or bureaucrats who failed to heed warnings and adequately protect these key databases? What will happen to Katherine Archuleta who served as the National Political Director For President Obama's 2012 reelection campaign before assuming her role as OPM Director? What message will it send to other managers throughout the government — and private sector — if there isn't accountability?
Sophisticated foreign intelligence services, non-state hackers, and cyber troublemakers are all doing great damage to our economy and national security, and the threat is growing. The NSA is critical to our defense against foreign cyber-threats, and yet the political class in Washington has been more interested in treating the NSA as an enemy of the state rather than its defender. We need to preserve and enhance the capabilities of the U.S. intelligence community and law enforcement to identify, deter, and respond to cyber-attacks.
Given the growing physical and cyber threats to our national security, it is past time to reverse the trend in defense and intelligence spending. If elected President, my budget will reflect the importance of protecting America from these threats, and I will undo the damage the President's defense budgets and Sequestration have done to the Defense Department and Intelligence Community in this era of growing threats — cyber and traditional — to the United States and its citizens.
We are not powerless unless we choose to be. It would be a start for the President to show leadership on Capitol Hill, and to throw his weight behind the House's effort to improve cybersecurity information-sharing between the government and the private sector — a critical impediment to cybersecurity according to experts. For three Congresses in a row, the House of Representatives has passed information-sharing legislation only to see it stonewalled by Senate Democrats. Just recently, with the OPM databreach still on the front page, Senate Democrats yet again blocked Senate consideration of information-sharing legislation. President Obama should step up, show some leadership, and work with Congress to pass this legislation — a key step towards creating a more robust public-private partnership.
Cybersecurity should be considered a critical element of our national defense, economic well-being, and national resilience. We need a President with the experience and trust necessary to mobilize public and private resources to ensure that our critical infrastructure, networks, and communications remain secure. These efforts will help guarantee America remains on top throughout the ongoing technological and communications revolutions that will transform fundamental aspects of our world, economy, and society.
Jeb Bush, Press Release - The President Must Prioritize Cybersecurity Online by Gerhard Peters and John T. Woolley, The American Presidency Project https://www.presidency.ucsb.edu/node/312836