Sunday, March 22, 2009

A bill to shift cybersecurity to White House

This is worth paying attention to; Forthcoming legislation would wrest cybersecurity responsibilities from the U.S. Department of Homeland Security and transfer them to the White House,:
CNET News has obtained a summary of a proposal from Senators Jay Rockefeller (D-W.V.) and Olympia Snowe (R-Maine) that would create an Office of the National Cybersecurity Advisor, part of the Executive Office of the President. That office would receive the power to disconnect, if it believes they're at risk of a cyberattack, "critical" computer networks from the Internet.

Some industry groups are warning, however, that adding customized requirements to the government's procurement process may inhibit the government's ability to take advantage of the innovations and cost benefits available from commercial technology.

"Simply put, the government cannot reach its security goals by compromising its access to commercial solutions and processes, nor can it technologically or financially afford it," the Business Software Alliance wrote in a memo to Melissa Hathaway, the acting senior director for cyberspace at the White House National and Homeland Security Councils, who is conducting a 60-day review of cybersecurity programs for President Obama. "Rather than imposing overbroad security requirements, government needs to be selective and limit them to high-criticality systems."

4 comments:

T. F. Stern said...

I have no idea what Anonymous from the orient had to offer; but I'd be wary of anything which enables the government to put its fingers further into any form of control over any part of life, to include the internet.

Unknown said...

I was going to delete anonymous from the orient, but perhaps he/she is telling us how much they love this blog or how they share our concern when it comes to cyber security.

Or...perhaps they are demonstrating that they want to be allowed freedom to spam, which creates my equal freedom to delete.

:-)

Lawrence Moore said...

I think the operative phrase here is, "critical computer networks." Department of Defense systems, yes. FEMA networks, yes. Certain research facilities, yes. AOL? Who cares? :)

My other question is how would this be implemented? Will the White house have a "kill" switch next to the Red Phone, or will they just alert specific companies in danger of attack so they could pull their own plug?

Too many grey areas here. As usual, we need more information.

[unrelated p.s. - if you've been following my blog, the url has changed. it is now http://buckeyebarrierbuster.blogspot.com - sorry for the post hijack. ]

Unknown said...

Lawrence, that's a welcome FYI and I agree with your comment.

As an aside, I had to delete our friend from the orient since his post was attracting more friends from the orient.