Homeland Security Watch

Comment by Preston

August 7, 2009 @ 9:46 pm

Minor correction: US-CERT is Computer Emergency READINESS Team, not Response.

Comment by Jessica Herrera-Flanigan

August 7, 2009 @ 10:07 pm

Preston,
Thanks for catching my hastily written typo. It has been corrected.

Comment by William R. Cumming

August 8, 2009 @ 4:55 am

Hey let’s not worry over the typos just glad this post being read. Readers of this blog and other know how highly I rate the whole cyber security issue. As a principal in drafting Executive Order 12656 and its loosely defined and elipitical use of the term “National Security Emergency” the worry was primarily physical security. A former FEMA Director had ambitions for a nation policing force to be run by FEMA (he was a retired MP Colonel)under the authority of form EO 10421 that was rescinded by EO 12656! Anyhow, DOJ was suggested (by me) to become the lead Executive Branch organization on physical security issues. The FBI would examine other federal facilities on a reimbursement basis. But the DOJ participants only wanted DOJ in a support role with NO lead for DOJ and oddly NO lead for any other agency. The normal bureacratic Pas de Deux (sic)! I don’t want to do it but don’t want you to do it either. Anyhow, there was really no mention of cyber security. How the world changed with Senators Kyl and Johnson pushing cyber and mandating what became the Marsh Commission which reported in fall 1997 thatcip world had broken forever in two between physical security and cyber. Now almost 12 years later we still are struggling with that recommendation. But I urge really drastic action. I urge reducing if necessary physical security funding by the US if necessary and devoting that 2/3rds reduction to cyber security and cyber offense and defense. The world has changed since the fall of 1997 even more than I realized it would. Disclosure I was then still struggling to figure out what was a computer dumb terminal and what the internet was and its meaning for the world. FEMA has NO internet connections authorized when I retired in October 1999! And as we know from the 9/11 Commission the FBI was not really “on” the internet on that date. So let’s get with it. I hope President Obama personally gave an exit interview to Melissa Hathaway. And I hope that the Secretary DHS gave an exit interview to Mishel Kwon. If they did not do this then that oversight needs correction fast. Brennan and Jones seem to think Cyber is important. So does GATES. So exactly who and where are they in the Executive Branch that don’t get “IT”? I forget who is the CHIEF IT guy or gal at the WHITE HOUSE? Should they not also be the Cyber Security guru? Is not computer security cyber security? All these labels prevent collaboration and cooperation! OMB long ago focused on the costs of acquiring IT systems but perhaps OMB Circular A-130 is now much too important to be administered by the narrow minded IT bureacrats at OMB! Maybe its time to split the entirety of the federal Executive Branch budget into a two year cycle. One year IT and Cyber and the next year the rest of governmental activity. And why no examination closely of what is inherently governmental in either the IT or Cyber world? Folks this is the future and either US is going to ride it or be buried by it. And of course free broadband in rural areas would also help. Where I live of course!

Comment by William R. Cumming

August 8, 2009 @ 5:07 am

By the way I estimate that the US public and private expenditure on Y2K was about $350B (US) and until efforts after 9/11 was clearly the largest single preparedness effort ever undertaken domestically. Others may disagree and I am still sorry so much of effort at coordination and collaboration was discarded after the event but it was a major success. The one key failure was lack of reprogramming for one NRO satellite that went off status for about 12 days that could have been a huge problem given its area of coverage. But hey US worked hard and pulled together and helped other countries also. Who knows whether a Pandemic or other threat will generate that level of funding or activity. Perhaps! But it again documents how cyber has come to dominate the modern world and 21st Century. Thanks again from me to all those who worked so hard on Y2K on behalf of America. Hoping still for a comprehensive documentation and analysis of that experience by someone somewhere. Did I mention that DHS is close to having expended $40B on its IT/cyber efforts since its creation without a whole lot to show for it. Did do a good job of destroying old legacy systems however. Not so good a job of replacing them and in some cases had to expend extra funds and energy restoring legacy systems because new ones never came on line. But hey just read the GAO and OIG/DHS reports. Congress of course asleep or taking graft from IT contractors who to me remain the most unaccountable of all the federal contractor community. Why? The feds never staffed up to properly contract for IT services, document their needs, or provide proper guidance. If you want to mine some of Uncle Sugar’s best then go into IT! The heck with plastics.

Comment by William R. Cumming

August 9, 2009 @ 9:30 am

Long article paralleling Jessica’s post by Ellen Nakashima in Saturday WAPO!

Pingback by Cybersecurity - | Homeland Security Watch

August 10, 2009 @ 8:10 am

[...] Friday, I wrote a quick blurb noting that Mischel Kwon, the director of the U.S. Computer Emergency Readiness Team at the [...]