• United States



Contributing Writer

Cyber ShockWave Illustrates Why the Federal Government Must Lead the Cybersecurity Charge

Mar 12, 20102 mins
Cisco SystemsData and Information Security

Feds Must Own Command-and-Control while Championing Public/Private Cooperation

Last week I wrote a blog suggesting that IT professionals and legislators read the new book, “Fatal System Error,” by Joseph Menn. This recommendation was based on my believe that most people don’t understand the scope of sophistication of current cyber threats and we need more government and private sector action and cooperation immediately.I received an interesting comment from someone who classified him or herself as a libertarian. While this person suggested that he or she would read the book, they expressed great apprehension about “big government” getting involved. The fear is that the government will simply turn cybersecurity into a gravy train, spend inordinate amounts of money, and never meet its responsibility or mission objectives.I certainly share some of this reader’s apprehension and can point to a number of government cybersecurity snafus that have gone nowhere and cost hundreds of millions of dollars. Nevertheless, I continue to believe that the Federal Government must lead the way. Why? Rather than write down my rationale, I suggest that readers do a bit of digging on a similated excercise by the Bipartisan Policy Center called “Cyber ShockWave.” You can watch video of the proceedings at YouTube ( this exercise, expert participants simulated a series of sophisticated cyber attacks on the U.S. If real, these attacks would cause massive economic damage while disrupting our daily lives in a big way. Pretty ugly.In my humble opinion, attacks like these are the cyber equivalent of Hurricane Katrina. Yes, the government can totally screw up as it did with New Orleans and Katrina, but the private sector has no capacity to fill this void. It’s DHS or bust in both cases.We citizens need to demand that the Feds get their cybersecurity act together but also hold legislators accountable for their actions and spending. We need the government to be prepared for an event like Cyber ShockWave and soon — before it actually happens.

Contributing Writer

Jon Oltsik is a distinguished analyst, fellow, and the founder of the ESG’s cybersecurity service. With over 35 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies. Jon focuses on areas such as cyber-risk management, security operations, and all things related to CISOs.

More from this author