Cybersecurity – Critical Budget Item, Costly Price Tag

By Mary Scott Nabers

SPI President & CEO Mary Scott Nabers

A former Secretary of Defense said recently that a cyber-attack on the United States could be as destructive as the terrorist-attack of 9/11. That’s a bold and disturbing statement. Indicating the truth in that statement, however, is the fact that the Pentagon last year proposed a $23 billion plan designed to protect federal networks and prepare the country for greater offensive capability related to cybersecurity.

Recent breaches of corporate networks made headlines for weeks. The cyber-attacks included private sector firms JP Morgan, Home Depot and Target, along with others. Each attack involved sensitive financial information about consumers, including credit card account information.

The most notable cyber-attack in recent days, however, hit Sony Pictures. Both the Justice Department and Sony blamed North Korea because the attackers threatened Sony regarding the Seth Rogan and James Franco film, The Interview. The origins of the attack and the extent of North Korea’s involvement may never be completely revealed, but the financial devastation as well as the power of a cyber-threat was universally obvious.

Public officials at every level of government are aware of the dangers of cybersecurity.  In spite of that, they really have no choice other than to move to digital data that is more vulnerable than analog records.

The recent cyber-attacks demonstrated that even very sophisticated networks are penetrable.  And, while the attacks on Target, JP Morgan and Home Depot caused consumer panic and millions in lost revenue, the Sony breach was even more destructive.  The unauthorized release of feature films Annie, Fury, Mr. Turner and Still Alice, not to mention revenue lost related to the release of The Interview, resulted in losses that exceeded $100 million.

The federal government suffered an information security breach last summer when the Office of Personnel Management’s network was hacked. Information accessed included a program for processing security clearances as well as contact information of federal employees and their closest contacts or relatives. The Washington Post reported that the Government Accountability Office recorded 25,566 “information security incidents” in 2013.

United States citizens seem to worry most about the vast amount of digital records housed on private and public servers throughout the country that are related to electronic medical records and tax records. But, all types of sensitive data are vulnerable without continual and ever-diligent attention to security. Protecting the country’s networks in future years will be more costly than most taxpayers have ever contemplated.