The Pentagon, for its part, makes no secret of the fact that, even in a time of fiscal restraint, there is money to be had for firms that can help make the cyber realm more secure. In the midst of tense defense budget negotiations, “I can just tell you that at no time in the deliberations ... was it even considered to make cuts in our cyber expenditures – not even considered,” Mr. Carter said.
In fact, that portion of defense spending is increasing. It would increase still more “if we could find more worthy investments to make,” Carter added.
Even so, companies don’t necessarily understand the threat of cyberattack, Pentagon officials say. Though the “long march” toward cybersecurity is just beginning, Carter says, “It’s difficult to embark on this march, because the market, both economic and political, undervalues security at the moment – doesn’t see it, doesn’t fully get it,” he added. “And I’m afraid events will soon prove it wrong.”
Legislation on Capitol Hill would require a certain degree of federal oversight of cyberprotection for “critical infrastructure” such as power stations and water plants. Disabling such facilities by attacking their computer systems, say defense officials, would be a “cyber Pearl Harbor.” The bill also would require private firms to let the government know when their systems are hacked.