President Obama is passionate about connectivity. He is easily our most Internet-savvy President, and is the first to actively use email while in office. His passion runs so deep that despite dire warnings by the Secret Service and other advisers about the serious risks associated with a President having a BlackBerry, he refused to give it up. Evoking the late Charlton Heston, he famously said, "They're going to have to pry it out of my hands."
Like millions of other wireless users around the world, President Obama has become dependent on being connected. And while he won his fight to keep his BlackBerry, security agencies limited how it could be used and what it could be used for. So, it is clear that the President was forced to strike a compromise between openness—his desire to be able to exchange information and ideas at the touch of a button—and security—the risks that hackers or spies would steal sensitive information or enemies would track his movements by targeting his wireless signal.
What President Obama faced personally, he must now face publicly. And finding the right balance between openness-versus-security is much more complicated when it is viewed on a national and global scale because it requires striking a balance for the hundreds of millions of individuals and business users around the world.
Cyber-threats and Cyber-terrorists But finding the right balance between openness-versus-security needs to be addressed quickly and clearly. Everyday, domestic and international businesses suffer countless intrusions and attacks to their networks resulting in the loss of extremely sensitive data and high-value intellectual property. Last year alone, cyber-criminals stole an estimated $1 trillion in intellectual property from businesses around the globe. And the vast majority of these instances go unreported because businesses fear that negative press regarding their vulnerabilities will send their customers and business partners elsewhere.
The public safety and national security risks from cyber-terrorists and other foreign enemies are even more frightening. Enemies already have tested the security of the networks that operate our power grids and public transportation systems, as well as the highly sensitive networks on which our military operates.
Just this year alone it was reported that the Homeland Security Information Network was hacked, plans for Marine Corps 1 (the new presidential helicopter) were found on a file-sharing network in Iran, and the databases of both Republican and Democratic presidential campaigns were hacked by foreign intruders. Indeed, it is reported that the government computers are probed by unauthorized users hundreds of thousands of times each day.
Despite these security issues, the importance of the Internet to the United States and global economies is extraordinary. During the past eight years, the number of global Internet subscribers has soared from about 400 million in 2001 to more than 1.5 billion. With wireless Internet access becoming mainstream and highly affordable, many of the world's more than four billion mobile phone users (sharply up from the 750 million subscribers in 2000) are becoming more connected and dependent on the Internet. Further, President Obama and other leaders have made expanding broadband Internet access a priority, noting its importance to creating new jobs and providing better social services.
Thus, striking the right balance between openness and security is of great importance as it has serious consequences for national and global economies and for our national security.
Cybersecurity Policy Review While this is a difficult task, it is not a partisan issue. For example, the Bush Administration instituted the Comprehensive National Cybersecurity Initiative, which sought to improve the security of government networks. The Obama Administration has taken further steps in the right direction. Shortly after inauguration, the President commissioned a 60-day inter-agency study to assess U.S. policies and structures for cybersecurity, and involved industry, academia, and international entities and allies in this dialogue.
The study resulted in a well drafted Cyberspace Policy Review which has important and viable recommendations for securing networks for both government and the private sector. This is important because more than 80% of networks are owned or operated by private entities. This means that domestic and international businesses must have a major role to play in cybersecurity and thus the formation of cybersecurity policy.
Accomplishing this complex task necessarily requires striking the balance between security and openness. The Review emphasizes that this balance must be answered from the top-that leadership from the White House is necessary to "signal to the United States and the international community that we are serious about cybersecurity."
Failing to Answer the Call Yet, the Review was only a first step, and the world has been waiting for the next. Sadly, the Obama Administration is failing to answer the call, and has already started to send mixed signals by pushing key decision making authority down into the bureaucracy by placing the nation's top cybersecurity official beneath both the National Security Council (NSC) and the National Economic Council (NEC)—a recipe for inaction. While it makes perfect sense to coordinate with both the NSC and NEC to address the multifaceted security and economic considerations, we, as past active participants in the interagency high tech policymaking process, know that leadership is a choice.
Relegating the cybersecurity official to a dependent status under both agencies will only weaken the hand of the White House, strengthen the hand of other competing agencies, and lead to turf battles and indecision. Further, with fears rising due to Congressional legislation that may grant cybersecurity emergency powers to the President, immediate public outreach is a must.
Strong competing national interests decisions are made by presidents; and the longer and harder it takes for decisions to reach the President, the less likely it is that effective and timely decisions will get made.
This President has made his own decision to strike a balance between security and openness in order to maintain his ability to engage in the safe and reliable exchange of information and ideas through cyberspace. It is time to do the same for the rest of us.
Thomas R. McCarthy contributed to this piece. It appeared in Telecommunications Online on September 20, 2009.