Army General Keith Alexander, commander of the Cyber Command and head of the National Security Agency called for legislation to enable and encourage infrastructure organizations like electrical grids and banks to quickly tell the government when they are under cyber attack.
“One of the things that we have to have (with legislation), is if the critical-infrastructure community is being attacked by something we need them to tell us at network speed,” Alexander said during a talk this week in Washington DC.
Watch a video of the talk.
The need to knowHe stressed that it doesn’t require the government to read personal email, but for the internet service provider or company to share the type of event in real time.
|Gen. Keith Alexander
“It’s like a missile coming in to the United States,” he said, adding that someone would not notify the government about an incoming missile via “snail mail.” He said the notification about cyber attacks could be in “real time,” but under a construct where citizens know “that we’re not looking at (taking actions that would raise concerns about) civil liberties and privacy.”
The government needs to warn the private sector and critical-infrastructure defenders about cyber threats, Alexander said, and also learn when attacks hit. The distinctions regarding what information needs to be shared need to be better understood by the public. He said his concern is that misunderstandings will delay legislation and solutions “until something bad happens.”
Uplogix can help
The Uplogix security story is pretty impressive. In addition to extending multifactor authentication through integration with TACACS and RADIUS to all devices managed through an Uplogix Local Manager, we’re able to maintain and enforce AAA (Authentication, Authorization and Accounting) regardless of the state of the network. Uplogix logs all changes made to managed devices and the results of those changes for improved audit and compliance reporting.
Find out more about security and compliance management on the Uplogix website.