Taking the Cyberattack Threat Seriously

[Commentary] It doesn't take much to imagine the consequences of a successful cyber attack. In a future conflict, an adversary unable to match our military supremacy on the battlefield might seek to exploit our computer vulnerabilities here at home. Taking down vital banking systems could trigger a financial crisis. The lack of clean water or functioning hospitals could spark a public health emergency. And as we've seen in past blackouts, the loss of electricity can bring businesses, cities and entire regions to a standstill. This is the future we have to avoid. That's why my administration has made cybersecurity a priority, including proposing legislation to strengthen our nation's digital defenses. It's why Congress must pass comprehensive cybersecurity legislation.

We all know what needs to happen. We need to make it easier for the government to share threat information so critical-infrastructure companies are better prepared. We need to make it easier for these companies—with reasonable liability protection—to share data and information with government when they're attacked. And we need to make it easier for government, if asked, to help these companies prevent and recover from attacks. Yet simply sharing more information is not enough. Ultimately, this is about security gaps that have to be filled. To their credit, many of these companies have boosted their cyber defenses. But many others have not, with some lacking even the most basic protection: a good password. That puts public safety and our national security at risk.

For the sake of our national and economic security, I urge the Senate to pass the Cybersecurity Act of 2012 and Congress to send me comprehensive legislation so I can sign it into law. It's time to strengthen our defenses against this growing danger.