http://www.post-gazette.com/businessnews/20020106dicker0106fnp9.asp Sunday, January 06, 2002 By Linda Dickerson Jeffrey Hunker's unique insights on information technology security and his direct experience shaping significant public policy at a federal level made him an attractive candidate to lead Carnegie Mellon University's H. John Heinz III School of Public Policy and Management. In May, Hunker became the school's dean, succeeding Mark Kamlet, who left the post to become Carnegie Mellon's provost. During the Clinton administration, Hunker served in the White House as senior director for critical infrastructure at the National Security Council. In this capacity, he developed the country's first national strategy for cybersecurity. Only recently, people began to appreciate the value of his work. "Prior to Sept. 11, 2001 ... there were a lot of individuals who'd say that it's all theoretical," Hunker said. Last year's tragedies made security of all kinds, including cybersecurity, a pressing issue. About two years ago when the nation experienced its inaugural distributed denial of service attack, cybersecurity issues first catapulted to the forefront of public attention. As a result of the attack, thousands of individual computers were inexplicably unable to access the Internet due to a virus distributed freely by hackers trying to disrupt, if not disable, the country. Through the "couple thousand hacker Web sites" that Hunker says are available on the Internet, hackers exchange information about how to penetrate the Web by accessing computers that are not generally available to them. Hunker cites automated tracker software available for downloading from the Web as evidence of this unscrupulous activity. And, he predicts that the level of such activity will continue to rise. "It is just a matter of time before the next big wave of distributed denial of service," Hunker predicted. As the nation and the world become increasingly reliant upon the Web and the Internet, the risk associated with a distributed denial of service elevates accordingly. "There are so many interdependencies," Hunker said, "that a serious intermittent disruption of service to a relatively small number of computers will affect everyone." Despite the serious nature of this, he said, "It's disruption rather than destruction." But, the unpredictability of it exacerbates the potential problems that a distributed denial of service attack could create. "You don't know when it is going to happen ... but there's just too much opportunity out there," Hunker said. And a distributed denial of service attack is not the only threat. "The rise of cybercrime is also a concern," he said. He urges business people to recognize that the "technology is changing rapidly, the threats are also changing rapidly, so you have to keep up." The pace of change in the information technology field is dizzying. "Three years ago is like the Stone Age," Hunker said. This, of course, places businesses at greater risk, but the typical risk mitigation tools, such as insurance, aren't readily available. "I challenge you to go out and buy insurance for the contents of your computer," Hunker added. While some insurance is on the market, it is costly and generally not sufficiently comprehensive. Protecting a computer's contents, however, is not the sole content-related concern. Determining what is appropriate content for broadcasting on the Web also is an issue hotly debated these days. When several enterprises marketed Nazi memorabilia on the worldwide Web, eBay canceled its contract because the French government considered such activity to be a violation of their federal law. Although other countries permitted the sale of such merchandise, the Web broadcasts its information worldwide. France could not be excluded. To further complicate matters, Hunker said, "You've got the issue of privacy and of free speech." These areas of the law frequently collide, requiring the intervention of higher powers for their resolution. "It is eventually going to be a Supreme Court issue," Hunker predicted. He clearly hopes that the Heinz School is leading the debate that will ultimately shape the federal policies on this matter. Carnegie Mellon University's reputed pre-eminence in information technology coupled with Hunker's deep understanding of the nascent cybersecurity industry position Pittsburgh well to assume a leadership role. "I want to make Pittsburgh the national and international center for cybersecurity," he said. The resources available at Carnegie Mellon and elsewhere in the region distinctively enable this area to assume this august role. As cybersecurity climbs to the top of the world's priority list, Pittsburgh could easily command the world's attention. Linda A. Dickerson is a principal in Dickerson & Mangus Ink., an issues consulting firm. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Jan 08 2002 - 05:55:31 PST