Slow Down, Homeland Security: Does Everyone Really Agree That We Need Cybersecurity Legislation Now?
from the why-the-rush,-sparky? dept
We've been following the debate over the new cybersecurity bill, while still asking for detailed explanation of why it's needed that is a bit more specific than politicians screaming about airplanes falling out of the sky. To date, no one seems to be able to show any real threat -- other than a bunch of folks in a position to profit from the fear mongering, yelling "trust us! it's bad!" But we've seen this game before, and it's how a lot of money gets wasted, privacy rights are eroded, and nothing is done to deal with any real problem.So why can't we hit pause and ask for some actual evidence?
Yes, there's a turf war between DHS and the NSA/DoD over who gets to control the purse strings and have more control, but no one seems to be asking for the actual evidence. Instead, they're just trying to push forward as fast as possible. Witness this blog post from Mark Weatherford, Homeland Security's Deputy Undersecretary for Cybersecurity, in which he insists that everyone agrees that we need a cybersecurity law and we need it now:
We must deliver and we must act quickly. It’s time to be bold. The troubling side of spending a week with some of the experts in the cybersecurity world is that when we compare notes on our views of the threat, we all agree that despite the firewalls and layered defenses, we are not always keeping intruders out. We need to continue to sharpen our response tactics and move even faster when an intruder gets inside to limit the damage and protect our information. That requires a fast, unified response between federal agencies and our private partners – which is where Congress can help.I agree that we're not always keeping intruders out -- though I think it should be admitted that we'll never "always" keep intruders out. That's an impossible goal. And I agree that sharing information to build up better defenses could be a good thing. But how do we then take the logical leap that this "requires a fast, unified response" from the government? The operators of these networks already are working hard to keep intruders out and have tremendous incentive to keep improving their defenses. Why do we need regulations to continue that process? That's the part that's never been clearly explained, and it seems like a pretty big gap, which all this talk about the necessary "rush" is designed to paper over.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: cybersecurity, cyberwar, dhs, dod, evidence, mark weatherford, nsa
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
can't keep illegal aliens out at just the borders
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Smart Patch
Just apply the patch to your arm, like a nicotine patch, and you’ll become Smarter! Send your money, along with a self-addressed envelope, to: PO BOX 343, New York, NY 01010
[ link to this | view in chronology ]
"...as a quick poll at the DHS offices confirmed."
[ link to this | view in chronology ]
Interesting
[ link to this | view in chronology ]
Re: Interesting
"We just need to get rid of all the stupid users"
"I read the article, but all I heard was "Blah blah blah, I'm a terrorist."
[ link to this | view in chronology ]
Himmler..
[ link to this | view in chronology ]
The most disturbing part is that they admit the public is not part of the process anymore, i.e. "everyone they think that matters".
[ link to this | view in chronology ]
No Legislation Required
It is total fantasy to imagine that criminals or foreign governments would be discouraged by legislation. The real problem is that there is no penalty imposed on managers who make dumb mistakes. That is a matter of political will and nothing to do with legislation. Bureaucrats who have been caught out not doing their jobs, often say things like, "Oh, minister, we do not have the power. We need more legislation." That is standard practice. Any senior politician who falls for that line, is a gullible fool and has not learnt from history. Such a politician needs to leave politics.
[ link to this | view in chronology ]
Re: No Legislation Required
[ link to this | view in chronology ]
Re: Re: No Legislation Required
name the organisation that employes more computer scientists, engineers, mathamations, programmers and software engineers that any other organisation on the planet bar none ? and that has the most powerfull supercomputers ?
was not DARPA a "government" ??? you know the guys who invented the internet ? Hmm !!!
"We just need to get rid of all the stupid users"
[ link to this | view in chronology ]
Re: Re: Re: No Legislation Required
[ link to this | view in chronology ]
Re: Re: Re: No Legislation Required
Even so, having the most (powerful) tools means nothing if one doesn't know how to use them properly.
DARPA was (is) not a "government". It was (is) an agency of the USDoD (United States Department of Defense), and as Hephaestus pointed out already they did not 'invent the internet'.
You, Mr. Anonymous Coward, have identified yourself as a stupid user. Please remove yourself from the internet immediately.
That is all.
[ link to this | view in chronology ]
RE
Everyone (in Government) knows thinking is BAAAAD!!!
(it killed SOPA/PIPA doncha know?)
[ link to this | view in chronology ]
Some thought...
But in that case, most of software vendors would have gone backruptted.
******
People using unanthorized software in government or mission critical organization need to be punished, but not by law.
Leaving the floor wet without warning is dangerous to others, but I'd think creating a law for this would be going too far...
[ link to this | view in chronology ]
Democracy thrives with an educated populace, right?
[ link to this | view in chronology ]
Re: Democracy thrives with an educated populace, right?
if you tell the enemy that at 3pm next tuesday you are going to invade a beach, with 10,000 troops and 20 tanks you would probably expect the enemy to be somewhat prepared for the assault. If you tell them nothing, the enemy will be somewhat LESS prepared for it.
Why would your Government want to inform YOU of what they are doing, after all, whatever they say or do according to masnick and his followers is wrong, and stupid, and they dont have a clue (but you do !!!)..
I would not bother informing you either, because either way you people appear to no understand it, therefore it's a waste of time.
[ link to this | view in chronology ]
Re: Re: Democracy thrives with an educated populace, right?
If you're going to call someone out for being uninformed, you should pull your head out of your ass first, just sayin'.
[ link to this | view in chronology ]
Re: Re: Democracy thrives with an educated populace, right?
[ link to this | view in chronology ]
Re: Re: Democracy thrives with an educated populace, right?
Second:
The threat we face from an outside force without this cybersecurity information sharing nonsense is LESS THAN THE THREAT we face than if we blindly allow the government (who could be infiltrated by our enemy for all you know, but that's not what I'm saying) to make this legislation without the consent of the people.
... The CIA thought it was a good idea to commit false flag operations at home to turn political sentiment against Cuba a long time ago.
That's one of those things they (and you) would like to keep secret for security purposes, but which is FAR MORE IMPORTANT for the people of our country to know about.
[ link to this | view in chronology ]
Who said everyone has to agree ?
[ link to this | view in chronology ]
Why the rush? Simple: $$
What do basically all of these groups have in common? They either a) provide products or services that will be mandated by the Act or b) lobby/represent those companies. This isn't proof that we do or don't need some sort of cybersecurity legislation, but it sheds some light on why "everyone" supports it - "everyone" stands to increase budgets or make money.
Same story for the hearings in February. You have DHS (wins the turf war under the CSA12), Stewart Baker (works for law firm that will get tons of work under the Act), Microsoft (will get tons of money securing networks), Tom Ridge (on behalf of US Chamber of Commerce).
[ link to this | view in chronology ]
Do we need this law?
[ link to this | view in chronology ]
yep that should solve 99% of the issues
[ link to this | view in chronology ]
Listen to Rockefeller Rant
http://commerce.senate.gov/public/index.cfm?p=Multimedia
The scare everyone speech -- http://www.youtube.com/user/SenateCommercePress -- http://www.youtube.com/watch?v=ywfz0ZvNBfE
OMG we are all gonna die via cyber attack!
[ link to this | view in chronology ]
cispa
[ link to this | view in chronology ]