Cyber awareness: What took so long?

The news has been filled with reports about the massive cyber breach at the Office of Personnel Management (OPM). Keep in mind the OPM knew of the breach back in December 2014.

After OPM finally went public about the breach, followed by the hearings on Capitol Hill, the White House issued a directive to federal agencies instructing them to take a series of rapid measures to lock down government systems and defend against the present risk of cyber attacks.

Online Multimedia Report: The OPM Data Breach: What You Need to Know

Three of the four actions should have been addressed a long time ago! We all know you can't apply every patch. In some cases, you have to replace an old system that does not function correctly after some patches are applied. That takes time and money.

Then news coverage began to report that the White House is in the process of reviewing a proposed Council of CEOs (Strategic Infrastructure Executive Council) that would represent the U.S. critical infrastructure industries. This council would collectively create a response and operational plan in the event of cyber or physical attacks or natural disasters that would affect organizations across energy, transportation, telecommunications, water systems as well as financial services critical infrastructure sectors.

Cyberattacks against federal agencies are not new by any stretch of the imagination. The same holds true when it comes to cyberattacks against the U. S. critical infrastructure. So what has taken so long? In respect to both of the above actions, this should have been done YEARS ago. U.S. Cyber Command and our Intelligence community have been sounding the alarm for a long time. So have cyber security subject matter experts from government and private industry in U.S. and other countries.

More systems vulnerabilities are being found and exploited daily. New cyberattacks have been launched with others in various stages of planning. Cyberattacks and data breaches are foreseeable risks. The risks posed by the attack on OPM and the ongoing assaults on our critical infrastructure demand proactive actions by government and critical infrastructure providers. These actions are not a one-time thing! We need real-time-enough actions – not the lackadaisical decision-making process that is all too common in government and, I hate to say it, but in much of corporate America as well. After all, our economy and our national security are at risk.

More In Net Defense Blogs

Pentagon stages first ‘Top Drone’ school for operators to hone skills

Industry and military drone operators flew tethered and untethered first-person drones through a course designed to test endurance and maneuverability.

Space Development Agency launches first operational satellites

The 21 spacecraft could start providing operational capability to combatant commands and other users within four to six months, according to SDA.

Space Development Agency director leaves post for academia

The agency’s deputy director, Gurpartap Sandhoo, will lead SDA in an acting capacity.

US Army soldiers kick the tires on a new class of multipurpose drones

Soldiers tried their hands at Launched Effects, service's latest buzzword for drones doing everything from reconnaissance to strike missions.

Trump links Space Command HQ move to Colorado’s ‘crooked’ voting laws

Twice Tuesday, Trump said Colorado’s mail-in voting policies influenced his decision to move SPACECOM headquarters from Colorado Springs to Huntsville.