WEBINAR: Live Event Date: September 20, 2017 @ 1:00 p.m. ET / 10:00 a.m. PT
Designing a Proactive Approach to Information Security with Cyber Threat Hunting REGISTER >
President Obama is pushing to improve the nation's cybersecurity defenses. He's doing so with money and the power of the presidency. In his 2010 and 2011 budgets, Obama pumped hundreds of millions into the budget to bolster the nation's cyber defenses, and Obama's leadership is motivating colleges and universities to step up and train an army of cyber warriors.
Obama knows firsthand what it's like to get hacked. In 2008, his campaign's computer system was broken into.
"It's no secret that my presidential campaign harnessed the Internet and technology to transform our politics," Obama said in a May 2009 speech. "What isn't widely known is that during the general election hackers managed to penetrate our computer systems."
During the same speech Obama explained the impact weak cybersecurity could have on all of us.
"This is a matter, as well, of America's economic competitiveness. The small businesswoman in St. Louis, the bond trader in the New York Stock Exchange, the workers at a global shipping company in Memphis, the young entrepreneur in Silicon Valley -- they all need the networks to make the next payroll, the next trade, the next delivery, the next great breakthrough. E-commerce alone last year accounted for some $132 billion in retail sales," he said.
Worldwide, cyber criminals, in one year, stole $1 trillion worth of intellectual property, Obama said.
And that's why, when he took office in 2009, Obama ordered a complete review of the nation's cyberspace infrastructure called the Cyberspace Policy Review. The document produced by the 60-day study had this to say:
The architecture of the Nations digital infrastructure, based largely upon the Internet, is not secure or resilient. Without major advances in the security of these systems or significant change in how they are constructed or operated, it is doubtful that the United States can protect itself from the growing threat of cybercrime and state-sponsored intrusions and operations.
"We will begin a national campaign to promote cybersecurity awareness and digital literacy from our boardrooms to our classrooms, and to build a digital workforce for the 21st century. And that's why we're making a new commitment to education in math and science, and historic investments in science and research and development," Obama said. "Because it's not enough for our children and students to master today's technologies -- social networking and e-mailing and texting and blogging -- we need them to pioneer the technologies that will allow us to work effectively through these new media and allow us to prosper in the future. So these are the things we will do."
On Dec. 21, 2009, Obama appointed Howard Schmidt to be the first White House cybersecurity coordinator.
Responding to Obama's call to action, in February, the University of Maryland University College created the "National Center for Excellence for Cybersecurity." The new program is set to kick off this fall and offers bachelor's and master's degrees in cybersecurity.
"UMUC's mission is to offer top-quality education programs that respond to the needs of our state, nation and world," said UMUC President Susan C. Aldridge in a statement. "Our new undergraduate and graduate level cybersecurity programs address the critical need to protect our nation's vital and growing cyber infrastructure and to address the serious workforce shortages of highly skilled professionals within the cybersecurity industry."
Dr. Alan Carswell, UMUC's chair of the information and technology systems department for graduate programs, said that President Obama has identified cybersecurity as a major need and vulnerability. He said that cybersecurity is a career for the future and that UMUC has responded with a program to create a new class of cyber warriors.
The threat is virtual, but it's real
The FBI has ranked cyber attacks as the third greatest threat to the security of the United States behind a nuclear attack and weapons of mass destruction attack. They're calling it 'cybergeddon.'
Cybergeddon is an attack by hackers on a country's computer infrastructure.
"So cyberspace is real. And so are the risks that come with it," Obama said.
Ten years ago, most hackers were geeks who got off on hacking into a company's network just to see if they could bragging rights. Now, nation-states, particularly China, are posing a very real and well-funded threat to the nation's computer infrastructure.
Earlier this year, Google announced that its corporate network was hacked and the company pulled out of China.
Stepping up to fight in this new virtual battlefield are cyber warriors, such as those from Towson University who won the 5th Mid-Atlantic Regional Collegiate Cyber Defense Competition and those at Northeastern University who won the 2010 National Collegiate Cyber Defense Competition.
The students from Towson were able to thwart hacker attacks in part by using Solera Networks' Virtual Appliance it's a packet capture system. Solera Director of Marketing Alan Hall called it a "video camera for your network."
Hoping to tap into the newfound interest in training a new breed of cyber warriors, Solera is donating its Virtual Appliance to any college or university that wants to use it to educate students. It sells for around $10,000.
The company's "Donate and Defend" program has just gotten underway, but 38 colleges have expressed interest in incorporating it into their criteria this fall, Halls said.
And at Northeastern, they've got a vibrant master's of science information assurance program. For all intents and purposes, information assurance is synonymous with cybersecurity, but according to Themis Papageorge, Northeastern's director of information assurance program, IA is more broad.
He said that the idea of information assurance began back in 1998 with a presidential directive. It covers everything from computer security, to policy decisions, fraud and digital forensics. The term cybersecurity, Papageorge said began popping up in dialog about five years ago. He said cybersecurity is more focused on cyberspace.
Northeastern got into the business of training information assurance professionals when government agencies and corporations started asking for them.
"Demand is very strong," he said. "It will remain strong for years."
In fact, he said that this year Northeastern was unable to fill all of the requests for trained information assurance professionals.
"But we need to remember: We're only at the beginning," Obama said about cyberspace and cybersecurity. "The epochs of history are long -- the Agricultural Revolution; the Industrial Revolution. By comparison, our Information Age is still in its infancy. We're only at Web 2.0. Now our virtual world is going viral. And we've only just begun to explore the next generation of technologies that will transform our lives in ways we can't even begin to imagine."
Keith Vance is a software engineer and a journalist. He's been developing Web applications professionally since 1997, and he received his journalism degree from the University of Washington in 2008.