Rockefeller, the committee chairman, said cyber attacks are happening too often and are "sucking the blood" out of the U.S. economy. The U.S. government needs "strong top-level coordination" to protect cyber security, he said. "Too much is at stake for us to pretend that today's outdated cyber security policies are up to the task of protecting our nation and economic infrastructure," he said. "We have heard the reassurances and seen the best efforts of many in the private sector working to secure their networks. But it is clear that even the largest, most sophisticated companies are not immune from attack."
While new regulations might help in some areas, U.S. technology users and policymakers need to stop tying more and more systems to the Internet, said Mary Ann Davidson, chief security officer at Oracle. "In the many discussions on what the government can do to fix cyber security ... it is worth noting that no single proposal will save us, and certainly not any time soon," she said. "There is, however, one thing we can do today: Stop making cyber security worse by rushing to use technology in ways we know very well we cannot secure."
Davidson said she worries about when the U.S. electrical system is fully controlled through the Internet and when people working with SCADA (supervisory control and data acquisition) systems fully embrace their ability to turn the systems on and off through a smartphone. "We know that people have built personal digital assistants that 'talk SCADA' because 'it's so expensive to send a technician to the plant,'" she said. "It won't be long before we hear 'Move the control rods in and out of the reactor? There's an app for that!' Some day we may have a power plant meltdown when all someone was trying to do is answer the phone," she added.