The United States is not adequately prepared for a serious cyber attack as the country is a “three” on a scale of one to 10 when it comes to preparedness, U.S. Cyber Command Commander Keith Alexander said Thursday.
Speaking at the Aspen Institute’s annual security forum in Aspen, Colo., Alexander said defending the nation from a cyber attack is complicated as its not just a question of preparing the Department of Defense or federal networks, but private industry as well.
The key to developing a strong cyber security infrastructure is educating its users, Alexander said.
“We have a great program, it’s jointly run by [the National Security Agency] and [the Department of Homeland Security] working with over 100 different colleges and universities to set up an information assurance/cyber security portfolio,” he said.
Because attributing the source of a cyber attack is difficult, the focus is currently on defense rather than offense, Alexander said.
“Today, the offense clearly has the advantage,” he said. “Get cyber legislation in there, bring industry and government together, and now we have the capability to say ‘You don’t want to attack us. We can stop it and there are other things that we can do to really make this hurt.'”
“The key is having a defensible capability that can survive that first onslaught,” Alexander said.