Yesterday, the Washington Post reported that President Obama is preparing to announce the appointment of a national “'cyber czar,' a senior White House official who will have broad authority to develop strategy to protect the nation's government-run and private computer networks”, and that this announcement will coincide with the release of the government's cyber-security initiatives and policies. While I am not holding my breath waiting for a call from the White House, I do have some advice for the new cyber czar.
First of all, it is going to be important for you to be transparent and to quell fears that this is the first step towards an Orwellian world. Let people know you do not plan on being “big brother” and that you in no way plan to censor or shut down the Internet. This might sound silly, but there are some that see the creation of a cyber czar and the potential passing of the CyberSecurity Act of 2009 as a step towards a government run web. Second, take a good hard look at our infrastructure and figure out just how much of it is dependent on the web.
Then determine which networks are the most vulnerable and most likely to be attacked. Are we really worried about our cable stations being hacked by foreign countries? It wouldn't be good, but I think having a virus in our electric grid would be worse. However, let's stop talking and creating reports about how important this role is and why. We all know what's at stake – it's time to take some action. Which brings me to my third and final piece of advice: We should focus on ways to prevent attacks from succeeding, rather than standards for what to do if we are attacked via the Internet.
I realize we need to have a system in place for IF our networks are penetrated, but just like businesses, we should focus on keeping viruses, and malicious code out of our critical infrastructure networks, rather than fixing the mess once we know it is there. This will save our country time, money and possibly even lives. I will continue blogging about the creating of the cyber czar and what the government is doing to protect critical infrastructure's networks, so check beck often.
The original article/video can be found at Advice for the Cyber Czar