On Thursday, January 5th, President Obama unveiled the highlights of the U.S. defense strategy in an unprecedented appearance at the Pentagon briefing room (with his parting comment being “it’s a pretty nice room”). The public summary of the DoD strategy and accompanying remarks by the President, Secretary of Defense Leon Panetta, and Chairman of the Joint Chiefs of Staff Gen. Martin Dempsey clearly place cybersecurity as one of the highest priorities. On the very first page, President Obama’s remarks state that “we will continue to invest in the capabilities critical to future success…including cyber.” While cuts will be made in many areas, cybersecurity does not appear to be one of them.
The President emphasized that the Government will reduce spending wisely and that we, as a country, will learn from the lessons of history in making appropriate cuts. Although the strategy places a significant amount of focus on the physical issues and kinetic capabilities of the U.S. defense complex, it also recognizes that “[b]oth state and non-state actors possess the capability and intent to conduct cyber espionage and, potentially, cyber attacks on the United States, with possible severe effects on both our military operations and our homeland.” Accordingly, the cyber domain stands equally alongside land, air, maritime, and space as a domain that will be dominated by the U.S. in military action against an adversary in a given region.
The strategy also points to the need for modern armed forces to operate effectively across numerous domains, including cyberspace. To do so, “DoD will continue to work with domestic and international allies and partners and invest in advanced capabilities to defend its networks, operational capability, and resiliency in cyberspace.”
These and other similar remarks during the respective addresses by the President, Mr. Panetta, and Gen. Dempsey would seem to indicate that spending on cyber security technology (at least by the government) will continue to rise. Having said that, we’ve seen the enthusiasm in the past when it seemed like cybersecurity was taking center stage. It’s been almost three years, however, since the May 29, 2009 address by the President on the topic of cybersecurity (again unprecedented), where he stated that “just as we failed in the past to invest in our physical infrastructure…we’ve [also] failed to invest in the security of our digital infrastructure.” Many commentators have noted more recently that much more remains to be done. While there have been a few other major issues during this period that have been keeping the administration busy (the budget crisis, a couple of wars, and a recession to mention just a few), there are many who are hoping that this announcement will mark a real turning point. Only time will tell…