Slashdot Mirror

← Back to Stories (view on slashdot.org)

U.S. Cybersecurity Not So Secure?

Posted by ScuttleMonkey on from the behind-the-times dept.

freaktheclown writes "According to CNet, 'government auditors have been saying that Homeland Security has failed to live up to its cybersecurity responsibilities and may be 'unprepared' for emergencies.'" The article discusses FEMA's handling of relief efforts for hurricane Katrina and how a very similar situation exists with electronic security measures in the U.S. In addition to a conjecture the department of cybersecurity has been "plagued by a series of damning reports, accusations of bureaucratic bungling, and a rapid exodus of senior staff that's worrying experts and industry groups."

11 of 162 comments (clear)

  1. That's what happens when unqualified people.. by CyricZ · · Score: 5, Insightful

    ... are given jobs because of their political affiliations.

    Yes, unqualified people performing serious jobs leads to nothing but problems.

    --
    Cyric Zndovzny at your service.
    1. Re:That's what happens when unqualified people.. by clambake · · Score: 4, Funny

      Yes, unqualified people performing serious jobs leads to nothing but problems.

      Careful now, that sounds a bit like TERRORIST talk to me...

    2. Re:That's what happens when unqualified people.. by Tackhead · · Score: 4, Funny
      > ... are given jobs because of their political affiliations.
      >
      > Yes, unqualified people performing serious jobs leads to nothing but problems.

      You miss the point. The purpose of cycling senior people through the bureaucracy isn't because the bureaucracy's ineffective, it's because it's the gateway to a consluting career with the bureaucracy. That's how the Aristocracy of Pull works, and it works the same way whether the Jackasses or the Elephants are in charge. (The only catch is that you can only pull fellow Jackasses (or Elephants) through the door -- and because your tribal totem isn't going to be in charge forever, whenever your gang's in charge, you're obliged to bring the maximum number of fellow gang members through the door as possible during your time in charge.)

      To recap:

      1) Cultivate enough pull to get a cushy appointment.
      2) As a courtesy to the last guy to hold your post, hire him as a conslutant at double his previous pay.
      3) Continue to ineffective -- preferably so ineffective that you have a good excuse to resign in "disgrace" within a year or so. This frees up the slot so your boss can reward another guy with pull.
      4) Get hired by the new guy at half the political liability to your friends, and at double the pay.
      5) PROFIT!

      The less effective the bureaucracy, the more people can be run through the revolving door during the course of a given administration, and the more taxpayer dollars can be looted in the process. And because pull is proportional to dollars looted, the system creates its own incentive. Launder, rinse, repeat.

    3. Re:That's what happens when unqualified people.. by bakes · · Score: 5, Funny

      the gateway to a consluting career

      This is one of the most insightful typos I've seen on slashdot.

      --
      Ho! Haha! Guard! Turn! Parry! Dodge! Spin! Ha! Thrust!
    4. Re:That's what happens when unqualified people.. by NMerriam · · Score: 4, Insightful

      Whenever there is a governmental mistake, or failure to accurately foresee the future, accusations start flying. The media Queen of hearts shouts at everyone, "Off with their heads". No wonder there's an exodus of senior staff.

      But that's not what happens -- the media doesn't scapegoat invisible public service employees who've been dutifully showing up doing their job every day for 30 years. Those employees make it through scandals in administration after administration, because everyone knows the agency will not function without them -- ocassionally one may be scapegoated internally, but they don't have any "sex appeal" to the media.

      This recent wave IS very different, because it is one of the first times that these guys do seem to be resigning in large numbers -- not because of "media pressure" (the media doesn't even know who these guys are), but because of inept cronies being put in place above them, and then the cronies not being smart enough to realize the career professionals should be running the show.

      That's exactly what is happening with the CIA right now, where guys who have happily served both Republican and Democratic administrations for decades are suddenly being dictated to on how to perform their jobs by people who are barely qualified to operate the paper shredder.

      "The Media" isn't pushing out the senior CIA officials, the Bush administration is, the same way they pushed Whitman out of the EPA (I mean, geez, the Republican governor of New Jersey is "too liberal" on the environment? Reality check! That's as crazy as suggesting a quadrupegic veteran isn't patriotic!)

      --
      Recursive: Adj. See Recursive.
  2. Security Through Obscurity is my motto by Average_Joe_Sixpack · · Score: 5, Funny

    I keep all my usernames/passwords on a Geocities hosted site.

  3. The root cause? by clevershark · · Score: 4, Funny

    Well duh, it's hardly surprising, when everything's considered.

    --

    My sig is too lon

  4. the ownership vs. threat info gap by G4from128k · · Score: 4, Insightful
    One core problem is that the people that regulate cybersecurity don't own the infrastructure. This means they have little hope of understanding how real-world privately-owned (and vulnerable) networks operate. The flip side is that the government people that might have intelligence data on cybersecurity threats won't share that info with the people that actually own and operate the networks.

    One group (govt) may understand the threat, but is clueless on the operations side. The other group (owers) don't have the classified intelligence data on the threat, but do know the operations side of the network.

    Until the two sides share both info and operations knowledge, cybersecurity isn't possible.

    --
    Two wrongs don't make a right, but three lefts do.
  5. Who wants a top-down solution anyway? by Quadraginta · · Score: 4, Insightful

    Goodness, who wants the Federal government to be responsible for general IT security in this country? I mean, let's just think carefully through the kind of power over the network they'd need (or say they need) to be given to achieve it.

    Brrr.

  6. A history of unfavorable gov't security reports by sczimme · · Score: 4, Informative


    Much of the Federal government has a sub-optimal track record in the security arena. In March of 2004 Rick Forno published an article (with links) that summarized Uncle Sam's security issues:

    The farce of federal cybersecurity

    (That's the title Rick used, btw.)

    --
    I want to drag this out as long as possible. Bring me my protractor.
  7. That was known years ago. by khasim · · Score: 4, Insightful

    There was a plot to fly a plane into the Eiffel Tower. We've known planes were considered as weapons for years.

    But planes are physical objects. They cause physical damage. Normal, healthy people can be killed from physical damage.

    What's the very worst that can happen if the Internet goes down?

    That's not a rhetorical question. Think of the worst situation you can and then think of whether it would be better/safer to not have the Internet connected to whatever it is. Nuclear plant cyber-attack? Why have them on the 'net in the first place? Dam flooding a town? Same thing.

    The first thing any "cybersecurity czar" should be doing is making sure that the potential for damage is reduced.

    If the worst thing that they can do is to steal your identify and money online, then you're "safe" in that it won't kill you or physically cripple you.

    But that takes thought and expertise in evaluating the real threat.