Re: [ISN] DOD preps office for cyberdefense

From: mea culpa (jerichot_private)
Date: Fri Jul 24 1998 - 01:59:27 PDT

  • Next message: mea culpa: "[ISN] Paging Network Hijacked"

    Reply From: Gary Mounfield <manit_private>
    
    > Reply From: krys <kryst_private>
    > 
    > > DOD preps office for cyberdefense
    > > 
    > > According to an industry source familiar with the project, about 300
    > > Ph.D.-carrying reservists would work from home computers that would be
    > > tied into high-speed communications links. DOD has budgeted $10 million to
    > 
    > Is the fact that the people who will be protecting our nation's 
    > information infrastructure own doctorate degrees supposed to be
    > comforting? I find this appalling. As most of us know, college teaches
    
    Let's have a quick look at the facts here. The statement you're so upset
    about is not from a press release or any other DoD official
    communication. It is from an anonymous soruce quoted in a Federal Computer
    Week article - hardly the most reliable of sources. What I took from this
    was that the unit would be largely reserve-based which sounds like a very
    good idea. In doing this DoD is admitting two things - 1) that it does not
    have sufficient expertise in house to carry out this function and 2) that
    it cannot attract the calibre of people it needs on a fulltime basis.
    Almost no security professional on this list, save for a few Walter Mitty
    types, is going to leave the private sector to go work for the US DoD.
    Quite a few of them would qualify, or have qualified, for security
    clearances and would not be adverse to "serving their country", albeit
    while keeping their cushy private sector job. Who would you rather have on
    this team, someone like Bruce Schneier or some kid just out of training
    who got the post because of a 6 week course in systems?
    
    > hoop-jumping and theory, with a bit of practical knowledge sprinkled on
    > top for color. Who are these people, and what qualifies them as
    > "cyberdefense warriors?" Some of the most skilled security 
    > professionals I know have never even procured a Bachelor's degree, much
    > less a PhD. Who is responsible for training these people in matters of 
    
    I doubt that a formal education will be a hard requirement for the unit.
    Professional standing / reputation is likely to serve the same function.
    Also do bear in mind that some of the most interesting work, from a DoD
    perspective, has been done by the likes of COAST and the UCDavid seclab.
    Much as I hate to admit it there are some good people in academia who are
    working on serious cutting edge stuff, cf some of the academic IDS
    systems.
    
    > network security? The same people who are responsible for the current
    > state of military and government security? That's almost laughable. 
    > This smells suspisciously like a pacifier for the media and the public,
    > and a means to explain away $10mil U.S. dollars. I'm not buying it.
    
    The whole idea is that DoD is turning the whole damn thing on its head and
    creating a new unit with new responsibilities. As I said above, this
    amounts to a tacit admission of the failure of the current system.
    
    We shall see.
    
    Gary Mounfield
    
    
    -o-
    Subscribe: mail majordomot_private with "subscribe isn".
    Today's ISN Sponsor: New Dimensions International [www.newdimensions.net]
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:59:42 PDT