The government has tacitly acknowledged that the war is on, which can be deduced more from actions than from words. The Department of Homeland Security is hiring 1,000 cyber security specialists, and the always covert NSA is looking to hire 3,000. At DEFCON, the Las Vegas convention of hackers held last August, representatives of Homeland Security, NASA, the NSA, and the CIA were among the 10,000 attendees. For the agencies, it was a massive job fair, presuming that one could distinguish the white hats from the black hats during the interview process.
If you've ever read a copy of The 9/11 Report, you know that interagency cooperation is not necessarily a foregone conclusion. Indeed, there was some credible speculation that the 9/11 plot might have been uncovered and thwarted had the alphabet agencies been amiable instead of antagonistic. So while maybe it's a good thing that everybody's trying to hire people to fight the bad guys, two questions remain: why are they scrambling to staff up now, rather than a couple of years ago when the problem was already obvious (do they know something we don't?); and what makes anybody think all of these government agencies that at some level compete with one another can work together as a team, or better yet, as an army?
In the good old days, Ronald Reagan defeated the Evil Empire (aka the Soviets) by outspending them. The thinking was simple—America would keep building more armies and more armaments against an enemy that simply could not keep up financially. It worked, didn't it? And although those old Cold War enemies, China and Russia, are the most often-named potential thieves of American PII (that's personally identifiable information), fighting hackers is much more like a land war in Asia than anything else. The enemy doesn't follow any rules, doesn't wear uniforms, can be very hard to identify or even see, and may or may not be associated with an actual nation-state. As you and hopefully some officials in Washington may recall, fighting land wars in Asia just isn't our thing.
The U.S. government needs to be certain that our response to this genuine and massive threat is not as bureaucratic and fractious as everything else that goes on in Washington these days. We can't just spend our way out of this since the bad guys have as much, if not more, money, sophistication and sophisticated technology than we do. We need an organized and centralized cyber-army. We need a population sufficiently informed of the risks so that "if we see something, we say something" and we do something. And, most of all, we must acknowledge that of all of the potential catastrophes faced by this nation in the 21st-century, a cyber attack from a dedicated enemy—be they a terrorist group, a competing nation-state, or just a bunch of crazies along the lines of the villains in the titles of James Bond novels—is the one to whom we are most vulnerable.
Adam Levin is Chairman and cofounder of Credit.com and Identity Theft 911. His experience as former director of the New Jersey Division of Consumer Affairs gives him unique insight into consumer privacy, legislation and financial advocacy. He is a nationally recognized expert on identity theft and credit.