With the theft and leaking of Democratic National Committee data, dramatic headlines are filling the pages of our newspapers. Calls for action are heard daily.
Whatever we might do in direct response, though, the best reaction over the long term might simply be quiet and sustained investment in STEM (science, technology, engineering, mathematics) education.
I’m old enough to remember how, in October 1957, Americans awoke to a new symbol of insecurity: the metronomic beeps from the Sputnik satellite launched by the Soviet Union. The nation saw it as a threat to American security and a challenge to our sense of technological and intellectual superiority — and ultimately our economic well-being.
Our reaction was swift and decisive. Within a month, President Eisenhower was telling the American people: “According to my scientific friends, one of our greatest, and most glaring, deficiencies is the failure of us in this country to give high enough priority to scientific education and to the place of science in our national life.” Eisenhower also recognized that “education requires time, incentive and skilled teachers.”
Just a few years later, President Kennedy challenged the nation to reach for the moon and, in a famous speech at Rice University, said: “We set sail on this new sea because there is new knowledge to be gained and new rights to be won.” He added that “space science, like all technology, has no conscience of its own. Whether it will become a force for good or ill depends on man.” He then called on the United States to occupy a position of preeminence in space to “help decide whether this new ocean will be a sea of peace or a new terrifying theater of war.”
Like Kennedy, we are in a new environment: the cyber domain. The same question pertains: Will it be a zone of peace or a theater of war?
Like Eisenhower, we face a significant threat to national security from the increasing cyber vulnerability of our military forces and our critical infrastructure.
So far, though, we have not evidenced the determination and resolve with which we faced the Sputnik challenge. Perhaps it’s because there has not been a real triggering crisis, at least not yet.
And, unlike the space race, the cyber conflict is characterized by the diversity and distributed nature of our opponents. They range from other nations like China and Russia to cybermilitias working for states like Syria, to powerful criminal enterprises, to anonymous hacker groups with a variety of ideological agendas.
Still, wholesale penetration of U.S. military computers in 2008 (an operation dubbed Buckshot Yankee) should have served as a wake-up call for American cyberdefenders. If that wasn’t enough, we should have taken notice seven years later with the massive breach of the Office of Personnel Management and the theft of information on all of our employees who carry security clearances.
These circumstances should call for greater determination since we are increasingly dependent on technology to operate and manage our critical infrastructure (i.e. finance, transportation, energy). We need an educated and skilled workforce to protect these systems from criminals, renegade states and other malicious actors. If our cyber enemies are numerous and more difficult to identify, and their targets more diverse, then the potential threat to our well-being and safety is higher, not lower.
Faced with the Soviet expansion into space, America made significant investments in science and technology. Kennedy’s 1963 budget provided training for 36,000 high school teachers, instituted similar efforts for college instructors and provided $61.5 million in grants to our colleges and universities for basic research. During the 14 years of the Apollo program, we spent in excess of $19 billion — not all of it on science education, of course, but much of it directly related to the development of American scientific and engineering expertise.
Today, by contrast, our reaction to the cyberthreat has been tepid. President Obama has recognized the need for more training. As he said in announcing his “computer science for all” initiative: “Providing access to CS is a critical step for ensuring that our nation remains competitive in the global economy and strengthens its cybersecurity.” He then went on to elaborate that “there were over 600,000 tech jobs open across the United States” and in a few years more than half of them will be computer-related.
So cyberdevelopment is about more than just security. It’s about economic development and, most important, it’s about human opportunity.
But we have yet to make the financial investment needed to improve our computer science skills. Only one in four K-12 schools teach any computer science at all. Our universities graduate only 40,000 computer science students annually — plainly inadequate with the roughly 600,000 jobs that go begging.
Progress is within reach. One activist group, the Computer Science Education Coalition, has called for the relatively modest investment of $250 million to support more than 50,000 classrooms and to reach more than 3.5 million students.
That we have yet to make such an investment suggests we do not take the threat or opportunity as seriously as we should.
It’s time for that to change.
• Gen. Michael Hayden is a former director of the CIA and the National Security Agency. He can be reached at firstname.lastname@example.org.