While cyber-attacks against U.S. computer networks are becoming more frequent and increasingly more sophisticated, the country is lagging in its efforts to beef up IT security, government officials testified in front of Congress.
The Energy and Commerce Subcommittee on Oversight held hearings on cyber-security and securing the nation’s critical infrastructure on July 26. The hearings examined the government’s efforts to safeguard private-sector networks that are considered part of the country’s critical infrastructure, such as the electric grid and nuclear power plants, against cyber-threats.
Witnesses included Gregory Wilshusen, the director of information security issues at the Government Accountability Office; Sean McGurk, director of the National Cyber-security and Communications Integration Center at the Department of Homeland Security’s cyber-division; and Bobbie Stempfley, acting assistant secretary of the DHS Office of Cyber Security and Communications.
In his testimony Stempfley denied that the increase in the number of attacks means that the security of U.S. government and private networks is weaker than it was a few years ago. “I wouldn’t say we’re more vulnerable than five years ago, but we are much more aware,” Stempfley told lawmakers.
However, as more industries move toward electronic information systems, such as utilities relying on smart meters, they are exposing themselves to cyber-attacks, according to Stempfley.
As attackers target a wider range of industries, victims are becoming willing to report the incidents, McGurk said, which means the government can collaborate more effectively with the private sector to collect information about threats and to mitigate them.
Under the White House cyber-security proposal released in May, the Department of Homeland Security would take the lead role in protecting non-military networks such as power grids and transportation networks. Rep. Cliff Stearns, R-Fla., subcommittee chairman, said he will hold additional hearings to examine how individual sectors are protected.