[Infowarrior] - Former NSC Official Criticizes Cyber Security Policies

[Richard Forno]

Former NSC Official Criticizes Cyber Security Policies
By Siobhan Gorman
http://blogs.wsj.com/washwire/2010/09/21/former-nsc-official-criticizes-cyber-security-policies/

The Obama administration’s cyber security policies came under fire today from unexpected quarters—former National Security Council official Richard Clarke, who advised the administration’s transition team.

“The Obama administration so far has failed to do the necessary with regard to cyberwar,” said Clarke, who now heads a security consulting firm, Good Harbor Consulting, and recently co-authored a book on cyber security. In a speech in Washington to the Cyber Conflict Studies Association, he acknowledged several times that he was critiquing his friends.

The Obama administration was quick to fire back. “The Obama administration is very focused on this,” said one administration official. “The president has designated [cyber security] as a strategic national asset.”

The administration hasn’t articulated a strategy to tackle computer network security in the U.S. The Pentagon has hinted that such a strategy exists but hasn’t described it publicly, Clarke said. He said the Pentagon is working to extend its cyber protection efforts to the private sector because the Department of Homeland Security isn’t providing that security.

Among other failings, Clarke said the Homeland Security’s cyber security programs are underfunded and the department has “done nothing” about cyber threats to critical infrastructure such as the electric grid, which is increasingly dependent on the Internet to stay up and running.

The administration’s failure to engage the public on cyber security matters is dangerous, Clarke said, adding that history suggests the government is apt to make mistakes when it refuses to communicate openly with the public about its activities.

The administration official countered that the agencies responsible for cyber security have been staffing up quickly and the Homeland Security has created SWAT teams to respond to cyber attacks affecting critical infrastructure.

In the coming weeks, Homeland Security will launch an exercise to test out its new response plan for cyber attacks, which the official called “a playbook for everybody to work from.”