Slashdot Mirror

← Back to Stories (view on slashdot.org)

US Cybersecurity Chief Beckstrom Resigns

Posted by Soulskill on from the take-this-job-and-shove-it dept.

nodialtone writes with a Reuters report that Rod Beckstrom, director of the National Cybersecurity Center (NCSC), has tendered his resignation, citing clashes between the NCSC and the NSA with regard to who handles the nation's online security efforts. In his resignation letter (PDF), he made the point that "The intelligence culture is very different than a network operations or security culture," and said he wasn't willing to "subjugate the NCSC underneath the NSA." He also complained of budget roadblocks which kept the NCSC from receiving more than five weeks of funding in the past year. Wired has a related story from late February which discusses comments from Admiral Dennis Blair, director of National Intelligence, who thinks cyber security should be the NSA's job to begin with.

18 of 117 comments (clear)

  1. The latest as they go by by Anonymous Coward · · Score: 4, Funny

    Security is like virginity...once compromised it is lost forever.

  2. another decent man leaves government in disgust by jmcvetta · · Score: 5, Insightful

    From Mr Beckstrom's resignation letter: "In addition, the threats to our democratic processes are significant if all top level government network security and monitoring are handled by any one organization (either directly or indirectly."

    Amen, brother.

    1. Re:another decent man leaves government in disgust by jmcvetta · · Score: 4, Insightful

      Clean up your fucking country already.

      Some of us are trying to do just that...

    2. Re:another decent man leaves government in disgust by PolygamousRanchKid+ · · Score: 4, Insightful

      Yeah, like, what happened to that concept of "Checks and Balances" that Founding Fathers thought up in a steamy room in Carpenter's Hall in Philadelphia?

      So now the agency in charge of breaking security, and spying on people, should now be in charge of guaranteeing security?

      I better check the latest release notes, it seems that "Checks and Balances" has now been deprecated.

      --
      Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
    3. Re:another decent man leaves government in disgust by Antique+Geekmeister · · Score: 4, Insightful

      No, that's Congress's and the Supreme Court's job. They haven't been doing it lately.

      The reason for competing departments in the US Executive department is to provide a department willing to disagree, and possibly arrest or even shoot, members of the other department to prevent mutiny against the President's orders.

    4. Re:another decent man leaves government in disgust by lseltzer · · Score: 5, Informative

      They didn't think up checks and balances, they just implemented Montesquieu's theories in a more thorough and novel way than had been done. And it wasn't Carpenter's Hall, it was Independence Hall, then I think still called the Pennsylvania State House.

    5. Re:another decent man leaves government in disgust by nfc_Death · · Score: 4, Insightful

      All of those points the UK has done either long before the US or worse than the US. In fact the UK does not even have anything in place to protect their citizens privacy. Albeit slightly crippled lately at least the US has that. Im a canuck and we're idiots too, at least we can admit it. Suffice it to say, so far all attempts at men leading men have failed utterly.

  3. wrong by SuperBanana · · Score: 4, Informative

    I'm sure the military branches use their own methods, which are even resistant to NSA spying

    The entire point of the NSA is to secure government (and thus military) communications. DES, hello? That was developed so that the government could send shit privately, not for you and me.

    The NSA takes charge of development of all the various devices used, and probably gives recommended policy and procedure too. For example, secure communications between embassies? That gear was designed by the NSA, as were the protocols for programming them. Same goes for the encrypted comms on military planes and whatnot. The military uses these fancy boxes to "load" encryption keys into radios and such- and assure their security, chain of custody, blah blah. NSA developed.

    If you think the NSA has secret access and is running counter-ops or some bullshit like that, you've been watching too many bad movies and reading too many bad (Tom Clancy) novels.

    --
    Please help metamoderate.
    1. Re:wrong by Anonymous Coward · · Score: 3, Insightful

      And you are either making a joke or have not worked within the agency. The entire "point" of the NSA is certainly not just to secure communications. I believe the 17,000 interceptors I worked with would think otherwise...

    2. Re:wrong by Ethanol-fueled · · Score: 3, Insightful

      What about those fiber splices and sekrit black boxes in the AT&T offices?

      Either the so-called "rules" don't mean anything, or the NSA just has others break the law for them. Then Bush and Obama give those others immunity from prosecution.

      I don't trust any agency with "security" in its name. Especially when they abuse their networks to commit industrial espionage among other dirty tricks.

  4. Divide implementation from development&regulat by Anonymous Coward · · Score: 3, Interesting

    The current government cyber security system is broken by design. There is no way that one super organization can make every government network in the country secure. Each department and division in the government will have different needs. The only reasonable method to do this would be to have those departments and divisions implement their own security systems while the government at a whole creates a technology/advisory branch and a regulatory branch. Sort of like the DOE/NRC to nuclear reactor safety. The regulatory branch would audit the security (and potentially fine) the highest risk government agencies while the technology/advisory branch would be a big IT desk at which each department or branch could shop.

  5. That's crazy talk! by Tiger4 · · Score: 3, Funny

    "...director of National Intelligence, who thinks cyber security should be the NSA's job to begin with."

    Geezus, the would be like putting the thieves in charge of the banks! Uhhh, wait...

    --
    Behold, this dreamer cometh. Come now, and let us slay him... and we shall see what will become of his dreams.
  6. Security by Idiomatick · · Score: 4, Insightful

    The US security system(s) always amaze me. OkOk so the military gets infantry, navy and special ops divisions. But in the US you guys have like at least 10 other organizations. And all of their objectives are vague. Why not just close/merge a bunch of them. CIA FBI NSA NCSC US SS DoH DIA NRA really I could just start picking random letters (and i'm sure there are more than i've listed). They each get like 10billion a year. You see the same things happening with science. Cept the total for science is like 30b instead of 100. Its kind of amazingly wasteful. Even assuming they worked together well with no overlap. It is hard for a government to properly overview that many pointless departments if you don't even know what they are supposed to be doing.

    1. Re:Security by Eravnrekaree · · Score: 4, Informative

      Having different independant departments with different focus s not a bad idea. One of the concerns about FEMA after the New Orleans incident is that it had been reduced from a cabinet level agency and perhaps had lost some of its focus on natural disasters. In government there is transparency, so that a government agency can avoid duplicating the work of other agencies and as well they can also cooperate. So having a larger number of agencies also can allow for checks and balances to happen as well, so you dont have all of your eggs in one basket. Its important to have several indepandent agencies that can monitor each other. Different departments may also have different specialisation and may better able to fulfill certain needs than others.

  7. What we need by Eravnrekaree · · Score: 4, Interesting

    There should be a focus and funding on implementing BGPSEC and DNSSEC since this is where many of the major vulnerabilities lie, and developing new and improved encryption systems and so on. The goal being to assure the internet is a platform of freedom of expression where some cannot oppress the viewpoints of others.

  8. So? by PingXao · · Score: 3, Insightful

    Sounds like a good position to eliminate completely. Take the whole DHS with you on the way out the door. And possibly a good chunk of NSA too.

  9. Can't really blame him... by John+Pfeiffer · · Score: 4, Informative

    When blueprints and stuff for Marine 1 show up in Iran because some contractor wanted to download Britney Spears mp3s, yeah. I'd throw my hands up and walk away too. Things are only handled as intelligently as the dumbest person involved, and the leading cause of aneurism these days is having to deal with dumb people.

    --

    Friend: "The NIC is misconfigured..." Me: "No prob, I'll just telnet in and fix it." *Silence*
  10. Sorry. Cyberspace is way more complicated - by unity100 · · Score: 5, Insightful

    than you military oldtimers can ever comprehend. cyberspace also doesnt go well with the military mindset. military mindset requires control over the venues that needs securing. cyberspace, internet, is a venue that refuses control. because it is against its nature. even if you try and succeed in getting an iron stranglehold over internet in your country, the rest of the world will keep a free internet. which will mean that your security issues will continue. because, internet IS people. its not an empty network with consoles attached. its no different than your own society with its people.

    you should leave cybersecurity to people who understand online world and its people. you cant accomplish shit with military mindset. even more, heavy handed or controlling approaches lead to social online backlashes and spontaneous actions. portray yourselves as anti freedom fascists trying to control internet in a 1950s manner for any reason, and you may gain the attention of a varying multitude of people from hacking crowd, each of which could undermine whatever budget you can throw at security. portray yourselves as a friend of the people, and they harrass your enemies. (a la pirate bay case).

    remember - internet is an infinite chaotic space in which individuals can outdo thousands. best security approach is to be 'friend of the people'. and no military knows shit about that.

    so, NSA, leave it to people who know internet.

    --
    Read radical news here