The Center for Strategic & International Studies CSIS commission on Cybersecurity released a report for the 44th presidency back in January 2011, entitled “Cybersecurity Two Years Later”.  This updated cybersecurity report is a continuation review the nation’s preparedness for cyber security threats that was initially released two years ago for the current presidential administration.

Within the bipartisan, non-political report, the commission’s strongly expresses its view that our nation is not prepared to meet national security cyberspace challenges. Described within are numerous specific points which describe in the committee’s opinion failure to adequately prioritize and recognize continued cyber security threats. This includes threats from hackers, foreign countries, terrorists, and other organizations. The committee repeats its call for a “new approach to cyber security, including a coherent national strategy, but new organization to lead the effort, and a decision to make cyber security a national priority by stepping in where the market had been unsuccessful.”

Interestingly, the report makes a rather determined case that the open nature of the Internet and self-policing of security is wholly inadequate as a valid strategy. The argument is made that if the airlines were self-governing in regards to standards of safety in flight, the level of safety would actually not provide the best result. The report is also critical of the “feckless 2003 National Strategy To Secure Cyberspace, which called for a voluntary approach the cyber security”.

Further relevance to these points was this weekend’s news that Nasdaq systems were hacked via a  reported malware exploit through its Directors Desk service, a cloud application where thousands of company board members store and share confidential documents.

The commission goes on to address 10 key areas for progress each with extensive direction and analysis. Each area provides very fascinating and specific views that reach into many different areas of national security, financial security, and various suggestions for advanced capacities for dealing and planning for cyber security.  Additional suggestions call for consistent, verifiable internet identities, and a review of the anonymous and open nature of the internet.

The report summarizes that in order to tackle national cybersecurity: “the decisions and actions must respect privacy and civil liberties that private initiative alone will not produce security and that adopting a comprehensive and national security strategy that embraces both the domestic and international aspects of cyber security will make us more secure.”  Over the next several updates we will dissect various points made in the report and their relevance to business, privacy, enterprise, national and international business.