More Thoughts on White House Cybersecurity Draft

• Previous message (by thread): Wireless insecurity at NANOG meetings
• Next message (by thread): Whitehouse Tackels Cybersecurity
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

FYI.....seeing the discussion today I thought I'd offer this to the group as
well. Cheers, rf


Original with contextual reference URLS located at:
http://www.infowarrior.org/articles/2002-11.html

America's National Cybersecurity Strategy: Same Stuff, Different
Administration

Richard Forno
(c) 2002 Infowarrior.org. All Rights Reserved
Article #2002-11.
Permission granted to reproduce and distribute in entirety with credit to
author.

Today the White House releases its long-awaited "National Strategy To Secure
Cyberspace." This high-level blueprint document (black/whiteor color),
in-development for over a year by Richard Clarke's Cybersecurity team, is
the latest US government plan to address the many issues associated with the
Information Age.
 
The Strategy was released by the President's Critical Infrastucture
Protection Board (PCIPB), an Oval Office entity that brings together various
Agency and Department heads to discuss critical infrastructure protection.
Within the PCIPB is the National Security Telecommunications Advisory
Council (NSTAC), a Presidentially-sponsored coffee klatch comprised of CEOs
that  provide industry-based analysis and recommendations on policy and
technical issues related to information technologies.  There is also the
National Infrastructure Advisory Council (NIAC) - another
Presidentially-sponsored klatch - allegedly consisting of private-sector
'experts' on computer security;  but in reality consists of nothing more
than additional corporate leaders, few if any considered an 'expert' on
computer security matters.

Thus, a good portion of this Presidential Board chartered to provide
security advice to the President consists of nothing more than executives
and civic leaders likely picked for their Presidential loyalty and/or
visibility in the marketplace, not their ability to understand technology in
anything other than a purely business sense.  Factor in Richard Clarke's
team ­ many of whom, including Clarke, are not technologists but career
politicans and thinktank analysts ­ and you've got the government's best
effort at providing advice to the President on information security, such as
it is. (One well-known security expert I spoke with raised the question
about creating a conflict of interest for people who sell to the government
or stand to gain materially from policy decisions to act in advisory roles,
something that occured during the Bush Administration's secret energy
meetings.)

Now that you know where the Strategy comes from, let's examine some of its
more noteworthy components.

< - SNIP - >

Original with contextual reference URLS located at:
http://www.infowarrior.org/articles/2002-11.html

• Previous message (by thread): Wireless insecurity at NANOG meetings
• Next message (by thread): Whitehouse Tackels Cybersecurity
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]