The U.S. government is making significant progress in its understanding of the cyber threat to U.S. national security, as demonstrated by a recent article in Foreign Affairs magazine by the deputy secretary of defense, William J. Lynn. The article also provides useful insights into government programs and capabilities to counter this threat, as well as the role of U.S. intelligence in helping the public and private sectors step up to this emerging national security challenge. More is needed, however, in terms of understanding what's at stake in cybersecurity, improving intelligence regarding adversaries' capabilities, intentions and activities, and creating the mechanisms to couple the public sector's capabilities to the private sector's needs. Finally, the government should consider how best to work together with the private sector in the global environment, so that the capabilities of U.S. intelligence can contribute to a global U.S. cyber strategy that defends the national security and economic security interests of our nation and our allies. Our security, our economic competitiveness and well-being, and the security of the international system depend on how we meet these challenges.
Government interest in cybersecurity has evolved swiftly in recent years. Concern previously focused on the security of military, intelligence and civil government systems on which military, national security and sovereign government operations depend. However, the government now understands that the cybersecurity of information systems crucial to critical infrastructure owned and operated by the private sector, as well as those by the public sector itself, are also of vital concern.
As a result, the Department of Defense, along with selected members of the aerospace and defense industry, has put in place a pilot program to enhance the cybersecurity of the defense industrial base companies that process defense information regarding U.S. military systems. The Department of Homeland Security has also developed a series of initiatives to understand the vulnerabilities of critical infrastructure systems, such as information systems critical to power production, transportation and banking, and to provide support to the private-sector owners and operator of such systems. Andy Purdy, writing in response to an article on cybersecurity in a recent edition of National Defense, describes some of the efforts in which the public and private sectors are already interacting to exchange information necessary to strengthen the cybersecurity of the nation's critical infrastructure and activities. These include the National Cyber Incident Response Plan (NCIRP), which would benefit from an even stronger exchange.