Is FEMA The Best Group To Model A Cybersecurity Agency After?

from the proactivity dept

There's been a lot of talk about the cybersecurity policy actions the Obama administration will undertake, with few clear ideas on exactly what such a policy should entail, or what powers the much-discussed cybersecurity "czar" should have. One of the supposed leading candidates for the czarship says that what the country really needs is "a FEMA for the internet" that can coordinate responses to electronic attacks and problems. The wisdom of invoking the idea of another FEMA doesn't seem too wise, given the agency's rather tarnished reputation following its ham-fisted response to Hurricane Katrina and other disasters, but leaving that aside, there may be deeper issues. FEMA's role is largely preparedness for and reaction to natural disasters; shouldn't a cybersecurity agency be focused more on prevention than reaction? The idea of something like FEMA makes sense in the context of natural disasters and emergencies, since they are largely unpreventable and inevitable. But isn't cybersecurity an area in which prevention of disasters and attacks is arguably more important?
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: cybersecurity, fema, government, politics


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Ima Fish, 20 Feb 2009 @ 9:13am

    "what the country really needs is a FEMA for the internet"

    Are you sure this wasn't a line from the Simpsons?! The Onion?!

    link to this | view in chronology ]

  • identicon
    weneedhelp, 20 Feb 2009 @ 10:07am

    REX 84 & FEMA

    REX 84 Google it. Yeah, thats what the internet needs.

    http://uweb.txstate.edu/~lf14/conspire/rex84.html

    link to this | view in chronology ]

    • identicon
      youneedhelp, 20 Feb 2009 @ 12:39pm

      Re: REX 84 & FEMA

      Seriously, did you even read this tripe before linking to it?

      "The first targets in any FEMA emergency would be Hispanics and Blacks."

      I love a good conspiracy theory as much as the next guy, but whoever authored this pile of shit could at least take a minute to update his/her racial profiling targets to include the pariah ethnicity du jour.

      Never mind, I'm probably screaming at the deaf here.

      link to this | view in chronology ]

      • identicon
        weneedhelp, 20 Feb 2009 @ 1:31pm

        Re: Re: REX 84 & FEMA

        No conspiracy about it. Did YOU read it?
        I see you chose to ignore:
        The first targets in any FEMA emergency would be Hispanics and Blacks, the FEMA orders call for them to be rounded up and detained. Tax protesters, demonstrators against government military intervention outside U.S. borders, and people who maintain weapons in their homes are also targets.

        There is nothing racist about that comment. Stop being a fool by trying to discredit someone by labeling them a bigot. STRAWMAN

        FEMA - The Secret Government
        By Harry V. Martin with research assistance from David Caul
        http://www.sonic.net/sentinel/gvcon6.html
        http://www.sonic.net/sentinel/wrprof.html

        There are more than enough articles about REX84. If you choose to ignore them then that makes you an average American.

        link to this | view in chronology ]

        • identicon
          Anonymous Coward, 20 Feb 2009 @ 1:40pm

          Re: Re: Re: REX 84 & FEMA

          Some people live in wonderfully amazing worlds. I wish it was me.
          Once I worked with a guy who was so convinced that USA has satellites capable of creating earthquakes that he almost kicked my ass when I couldn't stop laughing at him.

          I have no beef submitting to the likely existence of these measures. But the conclusions drawn are just beyond anything I have giggled at in a long time.

          600 empty prisons. Well, at least the guards have a job in this economy :D

          link to this | view in chronology ]

          • identicon
            weneedhelp, 20 Feb 2009 @ 2:21pm

            Re: Re: Re: Re: REX 84 & FEMA

            "Some people live in wonderfully amazing worlds. I wish it was me." OH YOU ARE.

            Terry Kings wrote an article on his discoveries of camps located in southern California. Here are some of his findings:

            The first camp we observed was in Palmdale, California. It is not operating as a prison at the moment but is masquerading as part of a water facility. Now why would there be a facility of this nature out in the middle of nowhere with absolutely no prisoners? The fences that run for miles around this large facility all point inward, and there are large mounds of dirt and dry moat surrounding the central area so the inside area is not visible from the road. There are 3 large loading docks facing the entrance that can be observed from the road. What are these massive docks going to be loading?

            We observed white vans patrolling the area and one came out and greeted us with a friendly wave and followed us until we had driven safely beyond the area. What would have happened had we decided to enter the open gate or ask questions?

            This facility is across the street from the Palmdale Water Department. The area around the Water Department has fences pointing outward, to keep people out of this dangerous area so as not to drown. Yet, across the street, the fences all point inward. Why? To keep people in? What people? Who are going to be it’s occupants?

            There are also signs posted every 50 feet stating: State of California Trespassing Loitering Forbidden By Law Section 555 California Penal Code. The sign at the entrance says: Pearblossom Operations and Maintenance Subcenter Receiving Department, 34534 116th Street East. There is also a guard shack located at the entrance.

            We didn’t venture into this facility, but did circle around it to see if there was anything else visible from the road. We saw miles of fences with the top points all directed inward. There is a railroad track that runs next to the perimeter of this fenced area. The loading docks are large enough to hold railroad cars.

            Another site is located in Brand Park in Glendale. There are newly constructed fences (all outfitted with new wiring that point inward). The fences surround a dry reservoir. There are also new buildings situated in the area. We questioned the idea that there were four armed military personnel walking the park. Since when does a public park need armed guards?

            A third site visited was in the San Fernando Valley, adjacent to the Water District. Again, the area around the actual Water District had fences logically pointing out (to keep people out of the dangerous area). And the rest of the adjacent area which went on for several miles was ringed with fences and barbed wire facing inward. Also interesting was the fact that the addition to the tops of the fences were fairly new as to not even contain any sign of rust on them. Within the grounds was a huge building that the guard said was a training range for policemen. There were newly constructed roads, new gray military looking buildings, and a landing strip. For what? Police cars were constantly patrolling the several mile perimeter of the area.

            From the parking lot of the Odyssey Restaurant a better view could be taken of the area that was hidden from site from the highway. There was an area that contained about 100 black boxes that looked like railroad cars. We had heard that loads of railroad cars have been manufactured in Oregon outfitted with shackles. Would these be of that nature? From our position it was hard to determine.

            In searching the Internet, I have discovered that there are about 600 of these prison sites around the country. They are manned, but yet do not contain prisoners. Why do they need all these non-operating prisons? What are they waiting for? We continuously hear that our current prisons are overcrowded and they are releasing prisoners because of this situation. But what about all these facilities? What are they really for? Why are there armed guards yet no one to protect themselves against? And what is going to be the kick-off point to put these facilities into operation?

            link to this | view in chronology ]

  • identicon
    Anonymous Coward, 20 Feb 2009 @ 10:15am

    But ...

    While cyber security should really be focused on prevention. Total security is impossible. Therefore an effort is justified in setting up policies to react to a security breach.

    Just imagine what it would be like if they designed the 'perfect' security system and so didn't worry about what they would do if it got breached because that is "impossible." They'd be caught with their proverbial pants around their ankles and the hacker would ravage their system as he/she/it wanted to.

    So FEMA might be a bad model to work from but don't you dare just focus on prevention, you must work to prevent security breaches but you better have a backup plan

    link to this | view in chronology ]

  • identicon
    jonnyq, 20 Feb 2009 @ 10:27am

    "The wisdom of invoking the idea of another FEMA doesn't seem too wise, given the agency's rather tarnished reputation following its ham-fisted response to Hurricane Katrina and other disasters, but leaving that aside, there may be deeper issues."

    That's because the federal government just isn't equipped - nor should they be - to take the lead in recovery from a natural disaster. Katrina was a mess because no one local took charge. They waited for the federal agency to come take over.

    That is precisely why no computer network should be reliant on federal aid. FEMA exists to help local leaders. What sort of help would a federal agency provide to local network admins? Why should they? It really sounds like you're accepting the premise that the government might actually have a role, but I don't see a reason to accept that.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 20 Feb 2009 @ 10:39am

    FEMA hasn't always been a joke

    FEMA has had a bad reputation ever since the the phrase "You're doing a heck of a job, Brownie" fell from George Bush's lips.

    But honestly, FEMA has not always been a terrible joke. You will get this problem any time y take any agency or business and put someone totally unqualified at its head based entirely on political loyalty rather than competence and qualifications.

    link to this | view in chronology ]

  • identicon
    Nick, 20 Feb 2009 @ 10:43am

    FEMA actually is a fairly good example of how a very large organization can work.
    Now what happened about eight years ago what a disaster for FEMA.
    A new president was elected, and a rotation of "leaders" were initiated.
    The result was a large quantity of inexperienced friends, family members, neighbors and pets finding themselves with a nice income and a job they had no clue about how to perform.
    The result was evident in New Orleans.
    One could easily argue that FEMA wasn't the only organization suffering due to change in management.

    Now this isn't specifically to provoke W fans. The rotation happens after all elections.
    But rarely with as disastrous results as what we have been witness to for almost a decade.

    link to this | view in chronology ]

  • identicon
    Man from Atlanta, 20 Feb 2009 @ 11:57am

    Only generally?

    Now this isn't specifically to provoke W fans. The rotation happens after all elections.

    But rarely with as disastrous results as what we have been witness to for almost a decade.

    -- If this wasn't to provoke, the last sentence was entirely unnecessary.

    link to this | view in chronology ]

    • identicon
      Nick, 20 Feb 2009 @ 12:14pm

      Re: Only generally?

      I can prove there gave been management disasters.
      You can not prove there have been none.

      I understand you are unhappy with the current leadership but it is irrelevant.

      My statements supports my initial argument that FEMA is likely a good model.

      And that is all the time I am going to spend on you.

      link to this | view in chronology ]

  • identicon
    Man from Atlanta, 20 Feb 2009 @ 12:06pm

    What's wrong with NIST?

    Having seen the difference between federal efforts and state cybersecurity efforts, I'm impressed by the feds.

    http://csrc.nist.gov/groups/SMA/fisma/index.html

    Security is never absolute and with an organization as big as the federal government you'll always find laggards, but by and large I think NIST (Nat'l Institute of Science and Technology) has done a pretty good job moving toward the goals of FISMA (Federal Information Security Management Act).

    Adding governance of private cybersecurity would be a curve ball. Perhaps whoever thinks this is a good idea sees the geopolitical effects of state-run chinese IT efforts and thinks we need to replicate these efforts. I have my doubts about such an approach. For instance, we have open records laws and I suspect many of us would like to keep them.

    link to this | view in chronology ]

  • identicon
    LostSailor, 20 Feb 2009 @ 12:26pm

    Plan for the Best, Prepare for the Worst

    To echo some comments here, yes, it is certainly wise to plan and work to prevent cybersecurity problems, but it is also wise to prepare to respond when those plans prove to be unsuccessful in any specific instance.

    FEMA actually had a very good track record before the last administration and the handling of Katrina, such as dealing with the aftermath of Hurricanes Hugo and Andrew. When actual disaster management professionals are put in charge (as opposed to former commissioners of the International Arabian Horse Association), they can be quite effective.

    FEMA is probably a good model for one part of the federal cybersecurity equation.

    link to this | view in chronology ]

  • identicon
    Please, 20 Feb 2009 @ 1:10pm

    FEMA was fine until the Homeland Security Department was created and they shoved FEMA under there. FEMA should have been left alone.

    link to this | view in chronology ]

  • identicon
    Please Again, 20 Feb 2009 @ 1:11pm

    Notice very few FEMA complaints from the folks in the midwest who flooded?

    link to this | view in chronology ]

  • identicon
    Gene Cavanaugh, 21 Feb 2009 @ 11:45am

    Cyber security czar

    This is something that deserves more than a "knee-jerk" reaction - whoever shot off their mouth should be removed from consideration by the Obama administration.

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.