When it comes to cybersecurity, threats to critical infrastructure are the worst of the worst. Vulnerabilities in this field are where talk of a “cyber 9-11” and “hackers can kill you through your pacemakers” come from—they’re the types of threats that keep some people awake at night.
But one of the main advisers to the government on these threats says we all need to calm down, drop the doom and gloom, and start looking at the real solutions already in front of us.
What we need, according to James Scott, senior fellow of The Institute for Critical Infrastructure Technology, is a “cybersecurity renaissance.”
Scott helps bridge discussions between legislators, government offices, and businesses on ways to prevent cyberattacks against U.S. critical infrastructure—things like the electric grid, financial system, and water supply.
The problem with cybersecurity, he said in a phone interview, isn’t our inability to fight the threats. The problem is our inability to implement systems and trainings that are already available.
“We have technologies now, that if implemented and enforced right now, could get us to the next level of cybersecurity,” Scott said.
Scott isn’t the only one saying this. Walter O’Brien, executive producer of the CBS hit show “Scorpion” and CEO of Scorpion Computer Services, recently proposed a cybersecurity system that simply brings all the existing solutions under one roof.
“We have technology that does all of this,” O’Brien told Epoch Times in an earlier interview. “We’ve just never put it in one box.”
Scott noted recent guidelines the FDA released for protecting medical devices against cyberattacks. While the guidelines still have gaps—particularly since they’re just guidelines, and not enforceable regulations—he said it’s a step in the right direction.
“They’re on the right path,” he said. “It is an interesting way to start the public conversation.”
The government has proposed legislation and advisers holding onto potential solutions, and businesses are surrounded with options. Yet, they often resign to defeat or to the trudge of bureaucracy, rather than take steps to keep developments moving.
Coverage of cybersecurity issues often focuses heavily on problems, but gives little in terms of solutions. Coverage of vulnerabilities in health devices, for example, often yields stories like “hackers can kill you through your pacemaker,” and “hackers can seize control of your car and kill you.”
While both of the above examples are unfortunately true, Scott said the environment of panic isn’t helping, and noted there’s a line between scaring people’s socks off and sparking discussions about solutions. As an example, in the fall he accurately warned the House of Representatives there will be an epidemic of cyberattacks that hold systems for ransom, and offered ways to prevent it.
“That part is not doom and gloom,” he said.
What he hopes to see is something more akin to a “cybersecurity renaissance.” It would be an environment where problems are raised, and rather than create an air of chaos and panic, they would bring about an emphasis on cybersecurity hygiene and education.
This alternate approach, Scott said, is already being adopted by parts of Europe, and is bringing cybersecurity beyond the doom and gloom.