Keeping America Safe: Toward More Secure Networks for Critical Sectors

Past and current efforts to secure digital networks that control America’s critical infrastructure have been insufficient, leaving networks vulnerable to attack. This problem is highlighted in a recent report by MIT’s (Massachusetts Institute of Technology) Center for International Studies (CIS) titled, “Keeping America Safe: Toward More Secure Networks for Critical Sectors.”  The report offers a brief background and in-depth analysis of the persistent problems associated with efforts to secure critical networks, integrating findings from four sector-specific workshops held by CIS.  Workshop participants included individuals from the Electrical, Financial, Communications, and Oil-and-Natural-Gas sectors.  Through this analysis, the report identifies eight strategic challenges that have hindered America’s ability to secure critical infrastructure networks and offers recommendations for the new administration to address those challenges.

According to the report, and perhaps contrary to popular belief, the challenges associated with enhanced network security are not strictly technical in nature. The first challenge presented in the report, for example, highlights the need for improved coordination across the government, which will require a more “directive effort from the White House” in order to change the current status quo.  Furthermore, the report outlines the difficulty with quantifying cyber risk and infrastructure fragility, noting that the “fragility of systems is a salient aspect of risk that concerned participants in all sectors,” and that most participants, excluding those from the financial sector, believed that greater federal tax and regulatory incentives should be offered to companies who invest in higher levels of cybersecurity.  Other problems included the inherent vulnerabilities associated with highly complex hardware, software, and industrial controls; fundamental issues of system architecture associated with networks that utilize the internet (a system not designed for commercial use); the need for an effective deterrence strategy to dissuade aggression against critical systems; and finally, the need to accelerate and enhance the training of cybersecurity professionals.

The CIS report advocates for both immediate and long-term action and champions the development of a coordinated, multi-year effort to fix deep strategic weaknesses present in America’s critical systems. As stated best by the author, “The nation can no longer afford a pattern of uncoordinated executive action and scattershot research. Total security is not achievable. But a materially improved security environment for the infrastructure on which virtually all economic and social activity depend can be created with sufficient resources and political will. Achieving this goal will require a more determined and more directive approach from the highest levels of government and industry. It will also require more energetic and coordinated steps from the President than any of his predecessors has been willing to take.”

Please click the following link to view the full report:  “Keeping America Safe: Toward More Secure Networks for Critical Sectors”