Yet another high-ranking government official in charge of securing the country's computer networks has resigned. This time, it's the head of the US Department of Homeland Security's Computer Emergency Readiness Team. Mischel Kwon submitted her letter of resignation last week, according to The Washington Post. The report cited …
I'll Do it!
I am a total jerk when it comes to security. I would be perfect for the job. Once when working with an ex-military type and setting security for a key retrieval system he commented "we don't even secure launch codes that well, what are you trying to protect?" to which I replied "nothing, it's just the best way". I am just a trust no one and have witnesses kinda guy ;)
If POTUS wants me he knows where I am.
Make no mistake, the delays in filling these positions are manufactured (as are the qualifications for those who are appointed). The goal is to allow a large infrastructure attack as the pretext for increasing our surveillance society. You think the Patriot Act was bad, just wait until they unveil the TCP/IP Act (Take Control of Packets/Internet Pwnage Act).
Mine's the one with the ham packet radio in the pocket.
He couldn't even secure his own campaign's - brand new - webservers, with the result I (and presumably many others) received spam sent through his unsecured mailer CGI. His campaign wasn't bound by Congressional oversight, Inspector-General audits or anything of the sort, and didn't even have multi-year-old legacy systems to integrate, just their own web content. I suspect his team was just too seduced by "ooh, shiny!" syndrome, plugging their stuff into Facebook, Twitter and whatever else they could find, rather than tending to the basics of running the website competently.
I don't think yet another "czar" would help, though. Proper, fully authorised and monitored, pen-testing (maybe by DHS or the NSA, they should know a thing or two about it) with published reports ("name and shame") and deadlines for vulnerabilities to be patched, perhaps.
That or just take the shiny toys away from the departments which can't be trusted with them. Did his campaign really need a ready-made spambot backdoor for people to email each other with, rather than using a proper email client like everyone else? How many more unsecured CGIs (or equivalent) are lurking out there on .gov servers waiting to be exploited, which could just be deleted without anyone really losing out?
The good news: he chose sensible people
At least these people didn't sit on their rear end to play politics for a couple of years which makes a change.
The problem Obama has is that he has to wade through 8 years' worth of empire building. I wouldn't go as far as to call it corruption, but I think there are a lot of established vested interests who won't give up their power without a fight, regardless of how much it continues to hurt US credibility.
The fact that a lot of people have packed in the job shows that (a) those influences haven't been dealt with but (b) Obama (or whoever advises him) is at least choosing people that care for the job.
That in itself I find extremely encouraging.
Umm... Sorry to burst your Hate Bush bubble, but Hathaway was the person who launched Bush's cyber-security initiative. Kwon accepted her role in June of 2008. Based on your quote,
"At least these people didn't sit on their rear end to play politics for a couple of years which makes a change."
It looks like Bush was the one making the right decisions. And it looks like in THESE cases, they were all too willing to "give up their power without a fight, regardless of how much it continues to hurt US credibility."
Knowing that in advance, I am sure your comment would have gone quite differently. Probably something along the lines of "These former bushites knew that they weren't going to be able to play the same games they did under Bush's empire, so got out before they were forced out." Too late to play that card after you just complimented them though.
8 years of empire building? Try 76 or 96. The last president who contracted government was Coolidge.
I'm no fan of W, but he was a piker compared to FDR and LBJ.
Whatever. (&@ soaklord)
I've said it before, and I'll say it again ... Anyone who uses the term "cybersecurity" seriously is either separating fools from their money, or is the fool being fleeced.
Good riddance, as far as I'm concerned.
soaklord: Bush Jr. was a puppet. Bush Sr. was an opportunist, as was Clinton. Don't deify them, it just makes you look like an idiot.
Absolutely no deification here.
There isn't a president in my lifetime that I have actually liked, let alone respected enough to deify. I am, however, tired of the ridiculous mantra that some put forth about how much of a devil Bush part deux was and how much of a saviour there is in the office now. And the lack of research by the likes of the prehistoric man drives me insane. Proof positive that there *is* deification taking place, just not in my post.
Apologies. I misread yours (easy to do in this medium).
Don't go insane ... Sanity WILL prevail over the long haul, regardless of political opinion.
May take another incident
Unfortunately, it may require a real security incident before a position like this is granted the funding and authority necessary to keep people around, e.g., a power outage, stock exchange DoS, disabled flight control system cag, etc. Usually reactive, not proactive, the price of politics.