If you're looking to the U.S. government to help protect your business from cybersecurity threats, you should stop.
"It's not going to happen," declared former CIA & NSA Director Michael Hayden at the MAPI Executive Summit.
"It's not because the government doesn't want to act," he added. "It's because this is a real hard problem."
Oh, and YOU won't let it.
But I'm getting ahead of myself.
Hayden explained: "The American military, when it talks about cybersecurity, says 'cyber is a domain.'" That is, just as there is land, sea and airspace, there is the cyber domain. "To them it's a location, it's a place." And, since this is the military, it's a location that should be protected.
For Americans, there's more: Add to that our sensitivity to protect free speech and privacy, and we become even more conflicted about the government's role in policing the cyber domain. Which comes down to: "You and I haven't decided what we want our government to do [to protect the cyber domain] and, more important, what we will allow our government to do for us."
As for Congress, Hayden recalled that cybersecurity bills introduced in 2012 were "opposed equally by the ACLU and the U.S. Chamber of Commerce."
"Think about that," Hayden said, pausing for effect. "That's an unatural act. But it reveals how much we don't have the fundamentals down as to what we want the government to do to protect us."
Finally, further complicating our concerns and the debate about the government's role in cybersecurity defense is the Edward Snowden revelations. Now, any dialogue about it "is frozen not just for this congress, but for the congress we're going to elect in November," Hayden said. "And we might get back to discussing this like adults after the presidential election in 2016."
"By the way," Hayden concluded: "We do need the government to provide security up here [in the cyber domain.]"
In the following 3-minute video, taped at The Johns Hopkins Foreign Affairs Symposium: The Price of Privacy: Re-Evaluating the NSA, Hayden cogently explains why we're so ambivalent about the government's role in monitoring the cyber domain.