Inteligencia y Seguridad Frente Externo En Profundidad Economia y Finanzas Transparencia
  En Parrilla Medio Ambiente Sociedad High Tech Contacto
Inteligencia y Seguridad  
 
23/06/2005 | Cyber czars: Bush Admin. hasn’t taken cyber security seriously

Martin Edwin Andersen

Nearly four years after the 9/11 terrorist outrages, former Bush White House cyber czars say that it is still unclear what the government’s role should be in protecting the country from -- and mitigating the effects of -- cyber attacks, with one sharply panning the administration’s computer security policies.

 

Cressey, Schmidt and Yoran

“There has not been enough of an investment at the most senior political levels in this administration to make this [cybersecurity] an important issue,” charged Roger Cressey, a former chief of staff to the President’s Critical Infrastructure Protection Board.
 
“The bumper sticker would say that this administration doesn’t care about cyberspace,” Cressey added. “I wouldn’t go that far. [But] there is a general frustration on the part of a number of people about the administration’s unwillingness to elevate cyber security to give it suffic ient attention and focus.”
 
“What we’ve not seen since 9/11,” he said, “is a good agreement between government and the private sector about how we are going to work together to solve or mitigate the risk in a lot of areas in cyber and physical security.”
 
Cressey made the comments at a Gartner IT Summit panel chaired in Washington in early June by famed Watergate reporter Bob Woodward and in which Howard Schmidt and Amit Yoran also took part.
 
Cressey’s stark message was balanced by comments from Schmidt, who helped implement the administration’s National Strategy to Secure Cyberspace before returning to the private sector.
 
Schmidt pointed out that because service providers have built in many new controls to prevent attacks, and other free security tool bars are available as well, the integrity of the Internet has already been significantly strengthened.
 
Part of industry’s response, Schmidt said, also came from what he called the increasingly operational Information Sharing and Analysis Centers (ISACs). The industry-led public-private partnerships, he noted, still needed to do a better job of sharing information with the government and across industry sectors.
 
At the same time, according to Yoran, the former director of the national cyber security division within the Department of Homeland Security, the government’s role in protecting cyberspace is still unclear.
 
“As the government’s level of sophistication improves in cybersecurity, we need to find what the value proposition is: What can government do? What can it contribute?” Yoran asked. “They [the government] don’t run the systems, they don’t own the systems, they don’t operate the systems, they don’t develop the technologies and the solutions folks can use to protect themselves. And, in the limited cases in which they have intelligence, they aren’t willing to share it.”
 
For the government to have a trul y positive impact, Yoran added, it will have to “spend a few cycles finding out what that value proposition is.”
 
Part of the problem, several members of the panel agreed, was that efforts to elevate the issue of cyber security might be thwarted by a bureaucracy and political culture in which potential trade-offs might not seem worth the risk.
 
“People look at cyber and they say, physical (security) is what we really worry about because that’s how people died — stuff blows up, we have to worry about body bags,” Cressey noted. “Cyber doesn’t do that, so therefore it is a secondary issue.”
 
“People do not understand the interdependencies at work today, and they don’t realize that if you do not elevate cyber -- not at the expense of other issues -- you are not going to bring all the resources the White House and the administration can bring to bear on the issue and work with the private sector to get proactive and ahead of the curve,” Cressey added.
 
Without a major national cyber event to act as a catalyst for action, “we’re still in this reactive approach -- that’s where the frustration is for a number of people who have left [the government],” Cressey said. “If you elevate [cyber security] before there is an attack, maybe you can do things to mitigate or prevent that attack. After an attack, of course, it is going to be elevated, much like terrorism.
 
Before 9/11, Cressey noted, “everyone agreed Al Qaeda was an important issue, but no one was willing to elevate it at the expense of other issues in our foreign policy agenda. I’m not equating cyberspace to the threat posed by Al Qaeda. But there is a similar mindset in any bureaucracy, especially the government bureaucracy, if I elevate one issue, other issues must suffer.
 
Protecting the information network from unknown threats, and receiving credit for something that did not occur can also be problematic in a results-oriente d bureaucracy.

Bob Woodward“How do you measure the negative?” Schmidt asked. Woodward, too, pointed to what he called a natural mindset of “show me results.”
 
If the initial results of an action are, “’look what didn’t happen,’” he said, “that doesn’t get George Bush’s juices going.”
 
Woodward recalled interviewing the president in the Oval Office.
 
“He [Bush] has -- he showed me -- a chart of the Al Qaeda people, and when someone is bumped off or captured, he does an X.,” Woodward said. “It would be very hard to give him a sheet of paper and say, ‘Here’s a calendar. And you put an X in every day that there is not a cyber attack’.”
 
“Not very rewarding,” he deadpanned

Government Security News (Estados Unidos)

 



Otras Notas del Autor
fecha
Título
23/09/2020|
05/03/2020|
17/01/2020|
05/06/2018|
27/03/2018|
21/02/2018|
22/04/2017|
17/02/2017|
17/12/2016|
14/09/2016|
07/08/2016|
27/03/2016|
22/03/2016|
22/03/2016|
11/03/2016|
15/02/2016|
20/09/2015|
20/09/2015|
07/09/2015|
03/09/2015|
18/02/2015|
20/01/2015|
18/12/2014|
09/12/2014|
18/11/2014|
06/11/2014|
01/10/2014|
17/09/2014|
06/09/2014|
14/05/2014|
12/03/2014|
04/02/2014|
19/12/2013|
03/11/2013|
25/10/2013|
10/10/2013|
29/08/2013|
27/06/2013|
19/05/2013|
08/05/2013|
08/05/2013|
02/05/2013|
20/03/2013|
23/02/2013|
23/02/2013|
25/01/2013|
15/06/2012|
26/05/2012|
04/05/2012|
28/04/2012|
17/04/2012|
01/11/2011|
04/07/2011|
04/07/2011|
11/04/2011|
07/02/2011|
24/01/2011|
14/12/2010|
21/11/2010|
15/09/2010|
09/08/2010|
18/07/2010|
01/07/2010|
11/06/2010|
06/06/2010|
13/01/2010|
29/10/2009|
24/09/2009|
03/09/2009|
02/09/2009|
29/08/2009|
25/07/2009|
25/07/2009|
25/07/2009|
25/07/2009|
01/04/2009|
12/03/2009|
12/03/2009|
16/11/2008|
16/11/2008|
14/11/2008|
14/11/2008|
18/09/2008|
18/09/2008|
13/08/2008|
13/08/2008|
28/01/2008|
17/01/2008|
30/12/2007|
16/12/2007|
02/12/2007|
01/12/2007|
06/10/2007|
12/09/2007|
17/06/2007|
17/06/2007|
17/06/2007|
17/06/2007|
17/06/2007|
17/06/2007|
21/05/2007|
21/05/2007|
06/04/2007|
28/03/2007|
12/01/2007|
12/01/2007|
18/12/2006|
18/12/2006|
22/09/2006|
22/09/2006|
03/08/2006|
01/08/2006|
23/02/2006|
08/10/2005|
18/08/2005|
22/07/2005|
15/07/2005|
12/07/2005|
14/06/2005|
25/05/2005|
26/04/2005|
26/04/2005|
29/03/2005|
29/03/2005|
19/02/2005|
19/02/2005|
16/02/2005|
16/02/2005|
15/02/2005|
15/02/2005|
11/02/2005|
11/02/2005|
09/02/2005|
09/02/2005|
09/02/2005|
09/02/2005|
06/02/2005|
06/02/2005|
04/02/2005|
04/02/2005|
04/02/2005|
02/02/2005|
02/02/2005|
02/02/2005|
31/01/2005|
31/01/2005|
28/01/2005|
28/01/2005|
25/01/2005|
25/01/2005|
25/01/2005|
25/01/2005|
24/01/2005|
24/01/2005|
18/01/2005|
18/01/2005|
14/01/2005|
14/01/2005|
13/01/2005|
13/01/2005|
11/01/2005|
11/01/2005|
11/01/2005|
11/01/2005|
11/01/2005|
11/01/2005|
06/01/2005|
06/01/2005|
04/01/2005|
04/01/2005|
24/12/2004|
24/12/2004|
22/12/2004|
22/12/2004|
22/12/2004|
22/12/2004|
14/12/2004|
14/12/2004|
06/12/2004|
06/12/2004|
02/12/2004|
02/12/2004|
30/11/2004|
30/11/2004|
23/11/2004|
23/11/2004|
20/11/2004|
20/11/2004|
12/10/2004|
12/10/2004|
24/09/2004|
24/09/2004|
27/06/2003|
27/06/2003|
20/06/2003|
20/06/2003|
03/06/2003|
03/06/2003|
07/05/2003|
07/05/2003|
06/05/2003|
06/05/2003|
24/04/2003|
24/04/2003|
16/04/2003|
16/04/2003|
16/04/2003|
16/04/2003|
10/04/2003|
10/04/2003|
09/04/2003|
09/04/2003|
02/04/2003|
02/04/2003|
27/03/2003|
27/03/2003|
21/03/2003|
21/03/2003|
20/03/2003|
20/03/2003|
17/03/2003|
17/03/2003|
15/03/2003|
15/03/2003|
03/03/2003|
03/03/2003|
22/02/2003|
22/02/2003|
17/02/2003|
17/02/2003|
07/02/2003|
07/02/2003|
04/02/2003|
04/02/2003|
01/02/2003|
01/02/2003|
30/01/2003|
30/01/2003|
28/01/2003|
28/01/2003|
22/01/2003|
22/01/2003|
15/01/2003|
15/01/2003|
26/12/2002|
26/12/2002|
24/12/2002|
24/12/2002|
22/12/2002|
22/12/2002|
13/12/2002|
13/12/2002|
13/12/2002|
13/12/2002|
01/12/2002|
01/12/2002|
06/10/2002|
06/10/2002|
04/10/2002|
04/10/2002|
28/09/2002|
28/09/2002|

ver + notas
 
Center for the Study of the Presidency
Freedom House