Let me start this blog by saying that I am completely in favor of a broader leadership role for the U.S. Federal Government in cybersecurity. Based upon inside knowledge and lots of horror stories I've heard, I strongly believe that the state of cybersecurity is far worse that most people think.
That said, I am also worried that cybersecurity is a political hot potato that may already be out of control. Here are a few examples that lead me to this conclusion:
1. The new U.S. Cyber Command owned by DOD and NSA may or may not play in the civilian world. There is already a lot of scuttlebutt about the fact that DHS may have lost out in a power grab for cyber security because of weaknesses within the department. While the stated Cyber Command goal is for military cybersecurity only, I wonder how it will work with DHS and the White House cybersecurity coordinator.
2. While the President searches for his cybersecurity coordinator, Senators Rockefeller (D-WV) and Snowe (R-ME) hope to push their Cybersecurity Act of 2009 through a Senate subcommittee in July. Since the month of July starts this week, shouldn't this activity be in lock-step with the appointment of the White House cybersecurity coordinator?
3. DHS is coordinating a program called Einstein to centralize network security. The goal is to get each Federal agency to use Einstein technology so DHS can capture and correlate network security activity across Federal government. Okay, but Einstein is based on proprietary software developed by Carnegie-Mellon and funded by DHS. Why is DHS funding this development effort when there is plenty of commercially-available software available for the same purpose?
As if this isn't enough, we've already had a public warning about the cybersecurity power grab by former DHS honcho (and obvious insider) Rod Beckstrom. Yikes!
I am old enough to remember when military contractors were charging thousands of dollars for hammers and toilets while laughing all the way to the bank. Yes, the state of cybersecurity is a mess and we need immediate improvements but we also need oversight soon so this doesn't turn into another Washington boondoggle. While cybersecurity is a real and pressing issue, let me remind our elected officials that we also have some macro economic and Federal budget woes to address.
- About Networking Nuggets and Security Snippets
- Jon Oltsik is a principal analyst at Enterprise Strategy Group responsible for the networking and security services at ESG. Prior to joining ESG, Jon was the founder and principal of Hype-Free Consulting. Mr. Oltsik previously served as VP of Marketing & Strategy at GiantLoop Network where he managed all marketing activities and defined the company’s strategic vision. Jon was also a Senior Analyst at Forrester Research where he covered a wide range of infrastructure and IT topics. In this role, he was frequently quoted in business journals, including the Wall Street Journal, Business Week, and the New York Times, and was also the recipient of a prestigious "best research" award for his breakthrough report, "The Internet Computing Voyage."
Most Discussed Posts
-
Network World, Inc
The Connected Enterprise