Security Is a National Concern

August 2001
By Lt. Gen. C. Norman Wood, USAF (Ret.)

When someone mentions the term National Security, everyone immediately understands both its meaning and its importance. All military, geopolitical, economic, law enforcement and sociological elements come into play under the overarching concept of nation preservation. Laws are passed, militaries are formed, and foreign relations are defined all to ensure that a country’s existence remains unthreatened by potential adversaries.

The concept of information security, on the other hand, long has been viewed as merely a niche discipline. While steadily increasing in importance, information security nonetheless has been considered just one element of an overarching concept. Now, however, the proliferation of technologies and netizens that use them are driving that niche discipline into a full-fledged survival endeavor of its own.

Throughout history, various resources have been ascribed as essential to a nation’s well-being, if not its existence. During the agriculture era, food literally was a country’s most essential necessity. In agrarian nations today, it still is. When the industrial age began to dominate national economics, fossil fuels—first coal, then later crude oil—became nations’ lifeblood. Any threats to the supply of these vital resources became threats to a country’s very existence.

Now we are in the information age. Whole national economies are being restructured around the exploitation of information, and other aspects of societies are following suit. Militaries also are redefining their capabilities around related technologies. Data is the lifeblood of these digital societies, and interruptions of that essential information flow could have grave consequences for the health of a nation.

Consequently, the blunt fact is that information security is national security. No longer merely a subset of a larger issue, information security is now the primary issue about which the free world must be concerned. Just as information technologies increasingly are defining military capabilities—and their successes—so now is information security poised to define military security. And, that holds true for a nation’s infrastructure as a whole, which is likely to be the first target in an all-out cyberwar.

The United States, for example, is thoroughly enmeshed with information technologies. Highway, rail and air transportation systems are computerized; electrical power grids are computer-controlled; and manufacturers rely on dynamic information systems for supply and inventory control along with fabrication. And, above all, every element of the financial sector—from individual banks to giant stock markets—relies on information technologies for nearly all aspects of operations.

Even the most localized disruptions can have far-reaching consequences. One small but significant example occurred last year when a paging satellite suffered a technical failure. Whole regions of the United States were left without paging capabilities. Doctors who relied on the immediacy of these devices to stay in vital contact with their offices and hospitals found their essential communication links down and out. Other businesses, while not involved in life-critical work, also were unable to function normally. These widespread effects happened as a result of a single technical failure, not from an information attack by an adversary.

Our defense planners recognize the seriousness of the situation. U.S. military information networks have been under virtual nonstop assault for many months now, and the number of attempted intrusions is increasing almost as exponentially as the improvements that are occurring in information technologies. These probes have come from all manner of cyberintruders ranging from hobbyist hackers seeking to leave their digital calling cards on government Web sites to foreign intelligence services searching for information or planning for hostile activities.

And these are just the intrusions with which we are familiar. Undoubtedly, some malice-minded cybernauts have probed defense networks without leaving any trace of their presence. They could be searching for intelligence, or they could be scouting the terrain for when cyberspace becomes a full-fledged battlespace. Either scenario is both likely and troubling.

With this threat imperiling every aspect of government, the military, business and society, deterring and defending against it must entail broad-based cooperation among all of these sectors. It is the very definition of national security that everyone works together to protect a country against a serious threat, whether foreign or domestic.

To accomplish this, industry and government must work more closely than ever before on information security technologies and methodologies. This coordination must begin at the earliest stages of product development, and it must encompass all types of communications and information systems. Cultural resistance to joint government and industry involvement in technology development must be swept aside in favor of cooperation that is essential to all parties. Indeed, AFCEA International is an organization that is perfectly positioned to serve as a key intermediary between government, the military and industry in this crucial security endeavor.

It is not an insurmountable task. We did it when the free world’s very existence was threatened—World War II and the Cold War—and we can do it again. The adversary may be more of a concept than an enemy with a face, but it is no less a danger.