Order mandating cyber security guidelines benefits private sector

May 28, 2013 — by Matt Foley and Nelson Wang

The virus lay dormant in ten thousands of computers until it reached its target: Iran’s nuclear program. 

The virus lay dormant in ten thousands of computers until it reached its target: Iran’s nuclear program. 
The true potency of cyber attacks was unveiled to the public when the Stuxnet virus crippled the centrifuge at a nuclear enrichment facility in Iran in 2010. This attack is believed to have been launched by the United States and Israel, an indication that the U.S. government has turned its focus to cyber warfare. 
Obama has issued an executive order directing federal agencies to develop guidelines for companies to follow: a step in the right direction to ensure protection to U.S. companies from cyber attacks. The order also calls for cooperation between the private sector and federal agencies, allowing the government to investigate cyber attacks on the private sector.
This order from Obama would help U.S. companies protect themselves from the ever-growing threat presented in the form of hackers around the world. Many of these hackers come from or are hired by countries who are at diplomatic odds with the United States, including China, Iran and possibly North Korea.
Recent reports have revealed that the North Korean government has likely set up a department to carry out cyber attacks for the country. Little was known about these fabled hackers until March of this year, when South Korean networks were attacked. 
The attack was originally believed to have originated from China, but after further investigation, it was found that a group of North Korean hackers were actually behind the events, though little came of the revelation. The attacks, however, resulted in down time for more than 30,000 computers linked to South Korean broadcasting networks. Obama’s new policies would prevent something like this from occurring in the United States.
Having voluntary guidelines for companies to follow, as well as laws requiring certain preventative measures to be put in place would help protect companies from falling victim to cyber threats, even if the hackers carrying out these attacks are not associated with a foreign country’s government.
Many companies have already been the target of cyber threats, including the New York Times. In this instance, Chinese hackers looked for information regarding reporting on human rights activists in China. 
Creating guidelines for companies to follow and passing laws to mandate certain defense mechanisms would help protect the personal information of employees, as well as users of the company’s product. The laws would also punish companies who do not do enough to protect the information of their clients, which should always be a company’s primary concern.
While the forceful acquisition of personal information is a concern to the government, Obama’s order was primarily made to curb the stealing of intellectual property belonging to U.S. companies. According to the U.S. International Trade Commision, piracy and counterfeiting of U.S. software and a wide range of other intellectual property in China, cost U.S. businesses an estimated $48 billion and 2.1 million jobs in 2009. 
With the implementation of Obama’s proposed changes, the number of jobs lost would be cut greatly, and research and development would once again become an important focus for many U.S. companies that were scared to pump money into their R&D departments for fear of losing their hard-earned findings to foreign hackers.
One concern that arises with the creation of this executive order is the government’s intrusion on a company’s privacy. This should not be a worry, as the official order drafted by Obama stated that the only time the government would ask a private company for information was after a crime had occurred and investigations were taking place. 
This would be greatly beneficial to companies, since there would be some hope of finding the people who carried out the attacks on the company and possibly retrieving any intellectual property that was lost during the attack before it could be made useful by the hackers.
“In most cases, companies don’t realize they’ve been burned until years later when a foreign competitor puts out their very same product — only they’re making it 30 percent cheaper,” Scott Aken, a former FBI agent who specialized in computer intrusion, said to the press. Obama’s executive order helps prevent this exact scenario from occurring, and in turn saves private companies not only millions of dollars, but many headaches as well.
Although flags have been raised regarding the information that could be made available to federal agencies, Obama’s executive order greatly benefits companies looking to secure their data and intellectual property, as well as companies that may have already fallen victim to cyber attacks.
 This order would also indirectly boost the economy, since companies would be more willing to pump money into research and development positions, knowing full well that their intellectual property is well-guarded.
2 views this week