Let me start this blog by saying that I am completely in favor of a broader leadership role for the U.S. Federal Government in cybersecurity. Based upon inside knowledge and lots of horror stories I’ve heard, I strongly believe that the state of cybersecurity is far worse than most people think.

That said, I am also worried that cybersecurity is a political hot potato that may already be out of control. Here are a few examples that lead me to this conclusion:

1. The new U.S. Cyber Command owned by DOD and NSA may or may not play in the civilian world. There is already a lot of scuttlebutt about the fact that DHS may have lost out in a power grab for cyber security because of weaknesses within the department. While the stated Cyber Command goal is for military cybersecurity only, I wonder how it will work with DHS and the White House cybersecurity coordinator.

2. While the President searches for his cybersecurity coordinator, Senators Rockefeller (D-WV) and Snowe (R-ME) hope to push their Cybersecurity Act of 2009 through a Senate subcommittee in July. Since the month of July starts this week, shouldn’t this activity be in lock-step with the appointment of the White House cybersecurity coordinator?

3. DHS is coordinating a program called Einstein to centralize network security. The goal is to get each Federal agency to use Einstein technology so DHS can capture and correlate network security activity across the Federal government. Okay, but Einstein is based on proprietary software developed by Carnegie-Mellon and funded by DHS. Why is DHS funding this development effort when there is plenty of commercially-available software available for the same purpose?

As if this isn’t enough, we’ve already had a public warning about the cybersecurity power grab by former DHS honcho (and obvious insider) Rod Beckstrom. Yikes!

I am old enough to remember when military contractors were charging thousands of dollars for hammers and toilets while laughing all the way to the bank.
Yes, the state of cybersecurity is a mess and we need immediate improvements, but we also need oversight soon so this doesn’t turn into another Washington boondoggle. While cybersecurity is a real and pressing issue, let me remind our elected officials that we also have some macroeconomic and Federal budget woes to address.

Jon Oltsik is a distinguished analyst, fellow, and the founder of ESG’s cybersecurity service. With over 35 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies. Jon focuses on areas such as cyber-risk management, security operations, and all things related to CISOs.

