Posted on | February 27, 2009 | 8 comments
In moves that should help stimulate the economy, the Obama Administration this week took two big steps toward slowing, and perhaps ultimately reversing, the rapid growth of cybercrime. On Wednesday, Admiral Dennis Blair,Ã‚Â Director of National Intelligence, told Congress that he will assume a greater role in cybersecurity. Then on Thursday, the President released his proposed fiscal 2010 budget,Ã‚Â which includedÃ‚Â $355 million in funding to make private- and public-sector cyber infrastructure more resilient and secure.
Above and beyond the $800 billion stimulus package approved by Congress, these developments should provide a sustained economic boost forÃ‚Â vendors whoÃ‚Â supply security hardware, software and related services.
Codes of conduct needed
Clearly, the Obama transition team membersÃ‚Â assigned to security and intelligence have succeeded in getting the White House up to speed very quickly. Prior to addressing Congress, Blair submitted this 46-page “threat assessment,” which makes numerous references to cybersecurity. “TheÃ‚Â global financial crises has exacerbated what was already a growing set of political and economic uncertainties,” concludesÃ‚Â Blair. “We are nevertheless in a strong position to shape a world reflecting universal aspirations and values that have motivated Americans since 1776: human rights; the rule of law; liberal market economics and social justice. ”
To accomplish these lofty goals, the U.S. intelligence arm must take action on, among other things, “developing codes of conduct for cyberspace,” asserts Blair.
That notion is reinforced in an outline of the Obama budget proposal that concludes: “The threat to federal information technology networks is real, serious and growing.”
According to Reuters, one of the last things the Bush Administration did wasÃ‚Â conduct aÃ‚Â two-day “cyberwar” simulation in December; the test found the United States unprepared for a major hostile attack against its computer networks. Bush has been heavily criticized for ignoring cybersecurity, until cyberspies began to conduct major breaches of government and military systems in 2006 and 2007.
Obama’s budget includesÃ‚Â “substantial” funding to help build “an integrated and holistic approach to address current cybersecurity threats, anticipate future threats, and continue innovative public-private partnerships,” according to the budget overview.
Rob Housman, Executive Director of the Cyber Secure Institute, praised Blair’s grabbing the cyberthreats bull by the horns.
“Blair’s action is an enormously positive step for our nation’s security. We strongly agree with Blair’s approach,” opines Housman. “In fact, we have previously called for action precisely along these lines.”
Houseman was referring to a report issued by CSI on Jan. 6 calling the super-secretive National Security Agency, where Blair now sits, “the laboring oar in the federal government’s technology security certification programs.” Blair has at his disposal, “extensive expertise in reviewing and analyzing the real security of IT systems.”
An insightful excerpt from the CSI report: “The agency also has many of the world’s best penetration experts on staff. This would give the NSA a major leg up in managing a set of carrots or sticks, or both, to drive private sector cybersecurity; they would know which systems meet the mark and which fall short. These capabilities mean that a shift to the NSA could be much more than a bureaucratic reshuffling of the deck chairs.”
Meanwhile, the White House is awaiting the results of a 60-day review of U.S. cybersecurity policyÃ‚Â being conducted by a highly-regarded military collaboration consultant,Ã‚Â Melissa Hathaway. I have a source in the tech industry who is not a regular government supplier. But he very much would likeÃ‚Â to be. HeÃ‚Â has developed some innovative security technologies, but was unable to get to square one with the Bush Administration.
By contrast, it took him just one phone call to leave a message forÃ‚Â Hathaway. She called him two days later,Ã‚Â and spoke directly with him about what he thought he could contribute. Whether he gets anywhere or not remains to be seen. But I take his experience as aÃ‚Â good sign that access and transparency are being implemented, not just talked about.
Photo of Admiral Dennis Blair