But, first, there are some issues in cyber’s present that need to be cleared up, he wrote.
“Rarely has something been so important and so talked about with less clarity and less apparent understanding than this phenomenon,” Hayden began his piece.
One thing is clear, though, he said. Too much of the information about cyber vulnerabilities is classified.
“This stuff is overprotected. It is far easier to learn about physical threats from U.S. government agencies than to learn about cyber threats,” he wrote.
The government and the military need to “recalibrate what is truly secret,” he wrote, to initiate a broad flow of information to people and corporations who face cyber threats.
In other words, he said, we need a culturewide “common knowledge” of cyber, that, now, is lacking. And after very public disclosures, such as WikiLeaks, it will likely be difficult to create.
“With no common knowledge, no meaningful discussion, and no consensus . . . the policy vacuum continues,” he said. “This will not be easy, and in the wake of WikiLeaks it will require courage; but, it is essential and should itself be the subject of intense discussion. Who will step up to lead?”
Part of the problem stems from the fact that cyber is such a new domain. And, yes, in case you were wondering Hayden (“like everyone else who is or has been in a U.S. military uniform,” he wrote) considers it an actual domain.
But even though cyber has been enshrined in law, he wrote, this one is different from land, sea, air and space.
“Man can actually change this geography, and anything that happens there actually creates a change in someone’s physical space.”
Hayden jettisons the martial metaphors, in favor of a more realistic discussion of the “inherent insecurity of the web.”