Interesting People mailing list archives
The Cybersecurity Industrial Complex
From: Dave Farber <dave () farber net>
Date: Wed, 25 Dec 2002 11:20:50 -0500
The Cybersecurity Industrial Complex The Feds have a massive, multiagency plan to protect the national information infrastructure. Get ready for IT police and network smart bombs. By Bruce Sterling Since the dawn of the information age, computer security commandos have battled the Four Horsemen of the Infocalypse: child pornographers, drug lords, mafiosi, and terrorists. A noble struggle, to be sure, but mostly vaporwar. Computer cops have long predicted that a massive cyberdisaster would transform their field from an underfunded annex into a law enforcement cornerstone. On 9/11, disaster struck, and whileal Qaeda doesn't appear to have mastered high tech, a year later the President's Critical Infrastructure Protection Board has unveiled a comprehensive plan: "The National Strategy to Secure Cyberspace." It's not a precise scheme for defeating cyberwar, cyberterror, and cybercrime, but the 58-page document does give a firm sense of the immense bureaucratic scale and vast budget required. Self-appointed security experts may scoff, yet "National Strategy" is actually a well-informed report written by sober, career-oriented functionaries. Richard Clarke and Howard Schmidt, the board's chair and vice chair, respectively, have broad experience that ranges from police work to the Air Force to the National Security Council to Microsoft. And there's money on the table. The $1.4 billion a year currently spent to secure federal computers is likely to expand by a factor of 10 during the rest of the Bush presidency. Given the present lean times, many clever hands will have their palms out. "National Strategy" cordially name-checks nearly every outfit that might improve the situation. Who will secure America's computing resources? Here's a brief list of organizations mentioned in the report, ranked from most formidable to least effectual, along with my best guesses as to their marching orders. Cyberterrorists beware: This is what you're up against. Defense Department If you're operating on foreign soil, the DOD will blow up your desktop and comb the wreckage for incriminating data. National Security Agency/UKUSA Echelon Outside and possibly inside the US, these spooks will listen in on your phone calls and read your faxes and email. Federal Bureau of Investigation The FBI will continue being the FBI, only bigger and angrier. Targets: global terror and multinational business crime. Secret Service The earphone army will collar money launderers, credit card and bank fraudsters, plus anybody "of protective interest." Federal Telecommunications and Information Systems Infrastructure This hypothetical outfit will get federal communications off the hack-prone Internet and onto safe, dedicated hardware. National Homeland Security Portal This is a one-stop Web shop for security patches and approved encryption, still in the idea stage. Office of Management and Budget The OMB will map federal networks and issue security report cards. A bad grade means you lose your computer money. National Infrastructure Assurance Partnership NIAP reps will make sure your workplace hardware meets their standards. Do what they say or your insurance will skyrocket. National Institute of Standards and Technology NIST's Computer Security Resource Center will write primers, distribute patches, and hand out cool security toys. Federal Computer Incident Response Center When new 'sploits devastate government routers, these white hats will man the servers. National Infrastructure Protection Center This is an attempt to keep data lines open among 18,000 federal, state, and local law enforcers should all hell break loose. Federal Emergency Management Agency The valiant disaster relief office will rush food and clothing to American cyberwar casualties. Task Force on Computer and Network Security Responsible for locking down the .edu sector, this agency will sniff out student hackers and have them expelled. Partnership for Critical Infrastructure Security This confederation will roll 13 federal agencies and 60 businesses into a military-industrial complex for waging long-term infowar. Information Sharing and Analysis Centers Here, corporate players who otherwise would be conspiring in restraint of trade can share "sector-specific security information." Cyberspace Academy This imaginary defense school will trade hordes of Cyber Corps soldiers for the expanding security apparatus. Forum of Incident Response and Security Teams A vague diplomatic huddle where Americans will argue about security with increasingly alienated Europeans, Japanese, Indians, Canadians, Australians, and Chinese. ------------------------------------------------------------------------ Email Bruce Sterling at bruces () well com. ------------------------------------- You are subscribed as interesting-people () lists elistx com To unsubscribe or update your address, click http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- The Cybersecurity Industrial Complex Dave Farber (Dec 25)