Slashdot Mirror
Report: DHS Failing On Cybersecurity
chicksdaddy writes: It's always interesting to listen to what politicians say on their way out of office — after the pressure to get re-elected and say "on message" has been lifted. Eisenhower's historic farewell address in 1961 warned Americans about the influence of the Military-Industrial Complex. Twenty years later, Jimmy Carter warned of the distorting influence of "single-issue groups and special interest organizations" on the political process. And, this week, outgoing Sen. Tom Coburn (R-OK) used his final days in office to issue a blistering report on the Department of Homeland Security. Coburn argued that DHS was failing on each of its five, critical missions, among them: cyber security.
The report, "A Review of the Department of Homeland Security's Missions and Performance (PDF)," was released on Saturday. In it, the outgoing Senator said that DHS's strategy and programs "are unlikely to protect us from the adversaries that pose the greatest cybersecurity threat."
Despite spending $700 million annually on a range of cybersecurity programs, Coburn said it is hard to know whether the Department's efforts to assist the private sector in identifying, mitigating or remediating cyber incidents provide "significant value" or are worth the expense. DHS programs are still heavily weighted towards software vulnerability mitigation, Coburn says, an activity that "will not protect the nation from the most sophisticated attacks and cybersecurity threats."
The report, "A Review of the Department of Homeland Security's Missions and Performance (PDF)," was released on Saturday. In it, the outgoing Senator said that DHS's strategy and programs "are unlikely to protect us from the adversaries that pose the greatest cybersecurity threat."
Despite spending $700 million annually on a range of cybersecurity programs, Coburn said it is hard to know whether the Department's efforts to assist the private sector in identifying, mitigating or remediating cyber incidents provide "significant value" or are worth the expense. DHS programs are still heavily weighted towards software vulnerability mitigation, Coburn says, an activity that "will not protect the nation from the most sophisticated attacks and cybersecurity threats."
It's doing exactly what it was intended to do: bilk appropriations to well connected people and Corporations in the name of National Security. If anyone EVER thought it was something other than that, they're far too naive for the present reality!
Take a bunch of overly bureaucratic organizations that have needed weeding out for decades, create a huge new bureaucracy to oversee them all, and WTF can you expect?
// Homeland security never made any sense to me
/// I vote Republican prolly 70% of the time
/ Bush was the worst president in my 50+ year lifetime
Tom Coburn isn't all bad. I believe that people with medical degrees who have taken the hypocratic oath make pretty good leaders. They often seem genuinely concerned with the welfare of people. Lawyers often get too involved with winning against the adversary. Tom definitely can grandstand and play politics, but he also seems to genuinely believe in what he is doing and care about people.
Why does anybody care what a 66-year-old doctor from Wyoming thinks about information security?
The report criticizes the DHS as ineffective at "cybersecurity" because of.. zero days or something.
It's clear that neither Coburn, nor the author of the report, understands infosec or how it is different from kinetic war. You can't amass troops or use force. It's very difficult to even know who attacked you.
You can do something like building defensive lines, but that's exactly what the report criticizes.