[Infowarrior] - 'Cybersecurity commission' to proffer advice to next president
Richard Forno
rforno at infowarrior.org
Sat Aug 9 15:15:47 UTC 2008
'Cybersecurity commission' to proffer advice to next president
Posted by Declan McCullagh 4 comments
http://news.cnet.com/8301-13578_3-10009603-38.html
LAS VEGAS--Transitions between presidential administrations are
typically influence-peddling, power-consolidating, appointee-vetting
exercises run by Washington insiders. Perhaps that's why the
quintessential Washington think tank, the Center for Strategic and
International Studies, is trying to insert itself into the process.
The private organization, which has close ties to the U.S. military
and counts Henry Kissinger on its payroll, has gathered about 35
people and awarded them the official-sounding title of "Commission on
Cyber Security for the 44th Presidency." Adding to the formality are
some closed-to-the-public meetings and ex-officio members from federal
agencies, congressional offices, and the nebulous "intelligence
community."
The group's mandate is unusually broad: developing a "forward-looking
framework for organizing and prioritizing government efforts to secure
cyberspace." But four of its members indicated on Wednesday that the
commission is focused on compiling no more than five recommendations
and will not be proposing legislation or suggesting dramatic changes.
Marcus Sachs, Verizon's director of national security policy, a former
government official, and a commission member, said that stealthy
cyberintrusions were a real threat to the security of today's networks.
"In the transition between the Clinton and Bush presidencies in late
2000, there was no group doing what we're doing now...trying to tee up
cybersecurity as an agenda item," Sachs said during a panel discussion
at the Black Hat security conference here.
"What we're really trying to figure out is how to collaborate" between
government and industry, said Peter Allor, an IBM security program
manager and a commission member. "Information sharing is broken. It's
a one-way send."
Marcus Sachs, who helped create the National Strategy to Secure
Cyberspace and now an executive director for government affairs at
Verizon, talks at Black Hat 2008 about the origin of the Commission on
Cyber Security and the challenges it will face with a new presidential
administration.
(Credit: Elinor Mills/CNET News)
Download video!
Of course, calling for better information-sharing is like promising to
clean up Washington: everyone says it's a good idea, but nothing ever
seems to happen. (CNET News, for example, published an interview in
2002 in which the head of the Partnership for Critical Infrastructure
Security said better "information sharing" was a "strategic area." In
a 2004 follow-up, a senator said "we need a complete system of
information sharing" between the private sector and the government.)
One panelist said that the FBI's "InfraGard" information-sharing
relationships with the private sector shouldn't change.
"We're not recommending to do away with InfraGard," said Jerry Dixon,
director of analysis at the Team Cymru research firm, a former
Homeland Security official, and a commission member. "That's something
that the executive departments have set up... We're certainly not
recommending to do away with those different partnerships because they
belong to the different departments."
The CSIS panel is composed mostly of industry, government, and ex-
government types. Among the other members: Mary Ann Davidson, Oracle's
chief security officer; Doug Maughan, a Homeland Security program
manager; Will Pelgrin of New York's cybersecurity office; Phil
Reitinger, a Microsoft security strategist; and Amit Yoran, chairman
of NetWitness and a former Homeland Security official.
The commission plans to publish the final report in "early November"
and, perhaps, an earlier draft for public comment.
"It has to be elevated to the highest echelons of this government and
internationally," Tom Kellermann, a vice president at Core Security
Technologies, a former World Bank security official, and a commission
member, said, referring to cybersecurity topics. "We're losing the
war. It's essential. That's the key theme of the recommendations that
will come out."
The difficulty is making sure a President McCain or President Obama
pays attention to them. The ACLU, for example, presented the incoming
President Clinton with a briefing book called "Restoring Civil
Liberties: A Blueprint for Action." As it turned out, Clinton embraced
the notorious Clipper chip, mandatory wiretapping rules, and attempts
to ban encryption products without backdoors for government
surveillance.
Then again, even if the CSIS commission finds its recommendations
ignored, the identities of its members may not be. In Washington,
joining commissions like this one serves a convenient secondary
purpose: it just happens to circulate your biography to the people who
are doing the hiring for the new president.
More information about the Infowarrior
mailing list