Let me start this blog by saying that I am completely in favor of a broader leadership role for the U.S. Federal Government in cybersecurity. Based upon inside knowledge and lots of horror stories I’ve heard, I strongly believe that the state of cybersecurity is far worse than most people think.

That said, I am also worried that cybersecurity is a political hot potato that may already be out of control. Here are a few examples that lead me to this conclusion:

1. The new U.S. Cyber Command owned by DOD and NSA may or may not play in the civilian world. There is already a lot of scuttlebutt about the fact that DHS may have lost out in a power grab for cyber security because of weaknesses within the department. While the stated Cyber Command goal is for military cybersecurity only, I wonder how it will work with DHS and the White House cybersecurity coordinator.

2. While the President searches for his cybersecurity coordinator, Senators Rockefeller (D-WV) and Snowe (R-ME) hope to push their Cybersecurity Act of 2009 through a Senate subcommittee in July. Since the month of July starts this week, shouldn’t this activity be in lock-step with the appointment of the White House cybersecurity coordinator?

3. DHS is coordinating a program called Einstein to centralize network security. The goal is to get each Federal agency to use Einstein technology so DHS can capture and correlate network security activity across the Federal government. Okay, but Einstein is based on proprietary software developed by Carnegie-Mellon and funded by DHS. Why is DHS funding this development effort when there is plenty of commercially-available software available for the same purpose?

As if this isn’t enough, we’ve already had a public warning about the cybersecurity power grab by former DHS honcho (and obvious insider) Rod Beckstrom. Yikes!

I am old enough to remember when military contractors were charging thousands of dollars for hammers and toilets while laughing all the way to the bank.
Yes, the state of cybersecurity is a mess and we need immediate improvements but we also need oversight soon so this doesn’t turn into another Washington boondoggle. While cybersecurity is a real and pressing issue, let me remind our elected officials that we also have some macro economic and Federal budget woes to address.