We should stop talking about cybersecurity, not because “cyber issues” are over-hyped, but because the challenges and constantly evolving threat landscape involving cyber are so complex, and we cannot afford to continue operating under an already overextended definition.
We recognize that the magnitude of the threats posed by malicious cyber activity leads people to look for a big, bold, visible sign of change. Creating a U.S. Department of Cybersecurity is not the answer. We cannot stovepipe thinking about cybersecurity into one centralized place or approach. The threat is so pervasive and so severe that it requires a recognition that a change in thinking is necessary for everyone operating an enterprise.