Reply From: Gary Mounfield <manit_private> > Reply From: krys <kryst_private> > > > DOD preps office for cyberdefense > > > > According to an industry source familiar with the project, about 300 > > Ph.D.-carrying reservists would work from home computers that would be > > tied into high-speed communications links. DOD has budgeted $10 million to > > Is the fact that the people who will be protecting our nation's > information infrastructure own doctorate degrees supposed to be > comforting? I find this appalling. As most of us know, college teaches Let's have a quick look at the facts here. The statement you're so upset about is not from a press release or any other DoD official communication. It is from an anonymous soruce quoted in a Federal Computer Week article - hardly the most reliable of sources. What I took from this was that the unit would be largely reserve-based which sounds like a very good idea. In doing this DoD is admitting two things - 1) that it does not have sufficient expertise in house to carry out this function and 2) that it cannot attract the calibre of people it needs on a fulltime basis. Almost no security professional on this list, save for a few Walter Mitty types, is going to leave the private sector to go work for the US DoD. Quite a few of them would qualify, or have qualified, for security clearances and would not be adverse to "serving their country", albeit while keeping their cushy private sector job. Who would you rather have on this team, someone like Bruce Schneier or some kid just out of training who got the post because of a 6 week course in systems? > hoop-jumping and theory, with a bit of practical knowledge sprinkled on > top for color. Who are these people, and what qualifies them as > "cyberdefense warriors?" Some of the most skilled security > professionals I know have never even procured a Bachelor's degree, much > less a PhD. Who is responsible for training these people in matters of I doubt that a formal education will be a hard requirement for the unit. Professional standing / reputation is likely to serve the same function. Also do bear in mind that some of the most interesting work, from a DoD perspective, has been done by the likes of COAST and the UCDavid seclab. Much as I hate to admit it there are some good people in academia who are working on serious cutting edge stuff, cf some of the academic IDS systems. > network security? The same people who are responsible for the current > state of military and government security? That's almost laughable. > This smells suspisciously like a pacifier for the media and the public, > and a means to explain away $10mil U.S. dollars. I'm not buying it. The whole idea is that DoD is turning the whole damn thing on its head and creating a new unit with new responsibilities. As I said above, this amounts to a tacit admission of the failure of the current system. We shall see. Gary Mounfield -o- Subscribe: mail majordomot_private with "subscribe isn". Today's ISN Sponsor: New Dimensions International [www.newdimensions.net]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:59:42 PDT