Given the focus on the FBI/Apple case during the morning keynotes at RSA on Tuesday, I had thought the remarks by Admiral Rogers would have addressed the topic more directly. However, instead of a discussion on encryption and the importance of national security, we were treated to a lesson on the mission statements of the NSA and the US Cyber Command, as well as a call to action for industry and government to partner to stop malicious attackers.
This call to action was one of the most sincere statements I’ve ever heard from a person in government. The Admiral outlined the three areas that keep him up at night:
- It is no longer a matter of if, but when, our critical infrastructure will be attacked. The Ukraine suffered a devastating power outage due to a cyberattack, and this will not be the final cyberwar act we see.
- For a long time, hacks were going after data for profit – and they still are. But what happens when the paradigm shifts, and instead of stealing data, the attackers start manipulating data so we can no longer trust our information to make decisions?
- For the time being, state actors are using information for espionage and gain. But what happens when they start using it for destruction instead?
Of course, now that he mentioned these three things, they are going to keep me up at night as well!
In the past, technological advances originated with the government. GPS and even the Internet as we know it today were part of government programs. But now, advances are coming from private industry, and we are outpacing our own government. The government isn’t able to pay security experts or hackers what private industry can. And as a result, the government needs the private sector to help it with security issues. On the other hand, the government has information the private sector can use in its push for security innovation.
Admiral Rogers’ call to “stop talking past each other and work together” will make us all more secure and safe. He is right; this conversation goes beyond the encryption of an iPhone, or even the precedent that weakening of encryption would set. In the name of economics and safety, industry and government need to work together to create policies and technical advances that will make us all safer.