How do we find out what both the U.S. Democratic candidates’ and the U.S. Republican candidates' positions are on the cyber threat to public safety and to U.S. national and economic security?
President Bill Clinton and President George W. Bush were clueless regarding the cyber threat when they each took office. It took both of them several years to realize there was a threat and even more time to address it. Once President Clinton started to address the cyber threat, we had the Bush administration take over and then we started over again. The attacks of 911 shifted the momentum from cyber back to physical security. It wasn't until the end of the Bush administration that the momentum shifted back toward cyber.
In 2007, the Center for Strategic and International Studies (CSIS) launched the Commission on Cybersecurity for the 44th Presidency to produce a report for the newly elected president. An excellent initiative. The cyber czars for each candidate also participated in the Commission.
At the time, I was teaching a class on the cyber threat to national security in the International Affairs graduate program at George Washington University. Most of the students worked for the State Department, CIA, NSA or were congressional staffers (mostly leaning to the conservative side).
I contacted the cyber czars for both Senator Obama and Senator McCain and got permission for my class to email them to find out what their candidates’ positions were on cybersecurity.
Paul Kurtz (Obama's cyber guy) provided a several page PDF document on his plan for cybersecurity. Orson Swindle (McCain's cyber guy) sent each student a single paragraph in an email that said “Sen. McCain is a national security expert. Cyber security is a national security threat. Therefore, Sen. McCain will address the cyber threat.”
I have to tell you, my students and I were underwhelmed by the McCain position. I watched a fairly conservative class turn away from McCain and toward Obama.
Now maybe President Obama had a plan but in 8 years I haven't really seen much action.
I would certainly like the media and the public to ask both parties’ candidates questions about cybersecurity and their proposed policies, and hold their feet to the fire. How about you?
Jim Christy is VP of Investigations and Digital Forensics at Cymmetria. Jim retired from the U.S. government in 2013, ending a career investigating computer crimes and running digital forensics labs that began in 1986 at the Air Force Office of Special Investigations.
Jim can be reached by email at firstname.lastname@example.org.
Connect with Jim on Twitter: @jimchristyusdfc