Congress Fiddles as Cyberattacks Intensify
Firms are opposed to costly new laws. But they might have the most to lose.
When it comes to bolstering cybersecurity -- safeguarding a wide array of computer networks that control everything from the U.S. electrical grid and water plants to financial and medical records -- meaningful protection is a long way off, even as cyberattacks score hit after hit on U.S. targets.
Businesses are increasingly vulnerable as cloud computing and mobile commerce gain in popularity. Both favor access and usability over security, and cybercriminals are taking notice. Many of the most vulnerable computer systems "were never designed to be secure," says Joe Weiss, managing partner at Applied Control Solutions LLC, which provides strategic consulting on industrial cybersecurity targets.
Cybertheft costs firms $1 trillion worldwide, which includes worker downtime, financial losses, physical repairs and rebuilding damaged business reputations.
Sign up for Kiplinger’s Free E-Newsletters
Profit and prosper with the best of expert advice on investing, taxes, retirement, personal finance and more - straight to your e-mail.
Profit and prosper with the best of expert advice - straight to your e-mail.
Also on the rise: more-sophisticated malware, such as the Stuxnet computer worm and Aurora, a China-originated attack on Google, Adobe Systems, Morgan Stanley, Dow Chemical and other companies. What's more, many breaches go unnoticed for weeks. Note that the U.S. and Israel secretly used the Stuxnet worm to crash nearly 1,000 centrifuges critical to the development of Iran's nuclear program. And "it's much easier to attack our power companies than centrifuges in Iran," says Alan Paller, director of research at SANS Institute, a cybersecurity training school.
The problem is, there's no cheap fix. Experts say U.S. firms would have to triple spending over their current budgets to ward off attacks. And putting every exposed weakness behind a firewall would cost even more.
The cost factor is largely behind Congress' inability so far to pass legislation that would begin to address needed standards and other steps to stop cyberattacks.
Lawmakers removed a provision requiring firms to comply with government standards on cybersafety in favor of voluntary compliance, but even the dilution draws protests. Business groups say a cybersecurity law would create burdensome regulations, with no guarantee of success. They’re also reluctant to share data with the feds.
"In all my years working to identify vulnerabilities to our national security, I can't think of an area where the threat is greater and where we have done less," says Sen. Susan Collins of Maine, the ranking Republican on the Senate Committee on Homeland Security and Governmental Affairs.
A bill still can pass later this year or next, however. The White House, CIA and National Security Agency will make it clear that they're not just crying wolf. The bill would set up a national cybersecurity council that would recommend standards. In coming years, even more stringent rules for sharing vital intelligence between businesses and government are likely, particularly if voluntary efforts fall short.
Spending on security measures will be ramped up, growing by 10% a year in the U.S. over the next five years. Should there be a big attack, spending will soar. Poised for big paydays: tech firms that specialize in online security -- Cisco, Oracle, McAfee, Symantec, IBM, Trend Micro, EMC and others.
There will be roaring demand for cybersecurity experts. The government alone wants to hire at least 10,000 specialists in coming years. The private sector will add 100,000. The median pay for "white hat" hackers and other experts will approach six figures.
Despite the debate and delay, the government, and eventually businesses defined as critical infrastructure, will have to take action, because it's a matter of when, not if, a potentially crippling cyberattack will occur. The question is, how prepared will the U.S. be to mitigate the damage?
Get Kiplinger Today newsletter — free
Profit and prosper with the best of Kiplinger's advice on investing, taxes, retirement, personal finance and much more. Delivered daily. Enter your email in the box and click Sign Me Up.
-
Take Charge of Retirement Spending With This Simple Strategy
To make sure you're in control of retirement spending, rather than the other way around, allocate funds to just three purposes: income, protection and legacy.
By Mark Gelbman, CFP® Published
-
Here's How To Get Organized And Work For Yourself
Whether you’re looking for a side gig or planning to start your own business, it has never been easier to strike out on your own. Here is our guide to navigating working for yourself.
By Laura Petrecca Published
-
AI Regulation is Looming: Kiplinger Economic Forecasts
Economic Forecasts Find out what Washington and regulators have planned for artificial intelligence.
By John Miley Published
-
The Biden Tax Plan: How the Build Back Better Act Could Affect Your Tax Bill
Politics Depending on your income, the Build Back Better Act recently passed by the House could boost or cut your future tax bills.
By Rocky Mengle Published
-
Kiplinger's 2020 Election Forecast
Politics For nearly a century, The Kiplinger Letter has forecasted the outcome of presidential elections to keep readers informed of what's coming and what it means for them. Here's our call for 2020.
By The Kiplinger Washington Editors Published
-
The 2020 Election and Your Money
Politics We’ve assessed how the presidential candidates’ stances on financial issues will affect your wallet.
By the editors of Kiplinger's Personal Finance Published
-
5 HEROES Act Provisions with a Good Chance of Becoming Law
Politics The massive federal stimulus bill just passed by the House of Representatives is "dead on arrival" in the Senate. But a few proposals in the bill have enough bipartisan support to eventually become law.
By Rocky Mengle Published
-
Vote by Mail: A State-by-State Guide to Absentee Ballot Voting
Politics With health authorities recommending people continue to social distance, the idea of voting by mail is becoming an increasingly hot topic.
By Rivan V. Stinson Published
-
9 Ways COVID-19 Will Change the 2020 Elections
Politics The 2020 election will be like no other in history, as the COVID-19 pandemic will upend the business of politics as usual.
By Sean Lengell Published
-
How to Run for Local Office
Politics If you’ve ever thought that you could do a better job than the elected officials currently in office, here’s how to launch a campaign—and win.
By Kaitlin Pitsker Published