The United States needs to carefully define the goal of a “cyber moonshot” before embarking on a national mission to make the internet safe, Rep. John Ratcliffe said Tuesday.
The original moonshot “wasn’t easy to do, but it was easy to define,” he said at an event hosted Tuesday by Palo Alto Networks. “Before we work towards our own cyber moonshot, we need to define the objectives of that moonshot with great precision and clarity.”
Ratcliffe, R-Texas, is chairman of the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection, and the author of several cybersecurity bills.
The cyber moonshot is an analogy that has been used with increasing frequency to describe a proposal for a huge national effort to secure the digitally connected world. At a meeting earlier this month at a federal telecommunications advisory panel, a number of leading government scientists debated its usefulness.
“I don’t mean to imply that moonshots aren’t worth doing,” Ed Felten, the Princeton professor who was deputy CTO in the Obama administration told the president’s National Security Telecommunications Advisory Committee. But he suggested “roofshots,” an alternative, more iterative methodology, might be a better approach to solving the cyber problem.
Ratcliffe said that, despite the absence to date of a clear goal, the cyber moonshot had “some very distinct advantages compared to the space race of the 1960’s and even current initiatives like trying to find a cure for cancer.”
“With cybersecurity the tools we need to solve those problems already, to a large extent, exist… We already have the innovation we need, Ratcliffe said. “Better protecting America from the threats in cyberspace maybe aspirational but it is not theoretical any more. It is readily achievable.”
He added that even the poisonous political atmosphere in the nation’s capital shouldn’t deter the effort.
One of the cyber experts who has used the moonshot analogy, former CIA CTO Ira “Gus” Hunt, argued that such a project would create a single national goal for a much-needed cybersecurity game-changer in five years. “Clearly our current approach isn’t working, hence the call for a cyber moonshot,” Hunt, now working at management consultancy Accenture, told an audience CyberTalks last week.
Palo Alto Networks’ Chairman and CEO Mark McLaughlin Tuesday called the moonshot “A catalyzing national goal … to mobilize the U.S. towards a shared strategic vision and an ambitious [objective]: Making the internet safe in 10 years.”
“As soon as I say that, ” he added, acknowledging criticism of the moonshot analogy, “I might get beat up … All the obvious questions come up: What does that mean? The difference between getting a man to the moon and bringing him back versus something nebulous like a safe internet.”
“I’ve heard them all,” he said of the critiques. Like Hunt, McLaughlin emphasized that it was the setting of an ambitious goal that was important.
“The basic point is, can we rally as a nation and as an international community to say it’s important enough to have a very ambitious goal like that and to liberate our thinking to make it come true.”
But with ambitious goals yet to be defined, and little agreement even on the timeline — some say five years, some ten — there’s unlikely any time soon to be an analogue of President John F. Kennedy’s speech to Congress on May 25, 1961, setting the U.S. on a course to send a man to the moon and return him safely to Earth.
As Scott Charney, NSTAC vice chairman, told CyberScoop earlier this month: “This is the beginning of a conversation.”