FCC under fire for trying to ditch cybersecurity The ideological goal of "light touch regulation" as proposed by the new head of the US FCC has hit a barrier: cybersecurity. As the federal regulator of all things telecom, the FCC has been increasingly pulled into efforts to secure the United States' online infrastructure against attacks, just as have many other federal …
"This being Congress, the likely approach will be to create a complex and unworkable solution that saves face, quashes the Democrats and fails miserably to address what is a very serious issue."
My money's on the Cybercrims.... Expect more Leaks / Hacks, IoT Ddos / Device Hijacking / Ransomware coming to a city near you...
I thought politicians are supposed to be there for the best interests of their voters, not to quash anything proposed by the opposition, whether it has merit or not.
If a proposal is really stupid, fine, argue against and show why it is wrong. If it has merit and protects your voters, then have the good grace to acknowledge it and be done with it!
This post has been deleted by its author
This post has been deleted by its author
Ever heard of expert consultancy?
And I would say that the second paragraph is exactly what they should be doing. That is certainly what the EU commission is looking at doing.
The problem is, IoT devices will suddenly be priced realistically and people will actually question, whether they need them or not. Maybe not a bad thing.
If the devices have to have enough price overhead included (or a subscription) to keep them safe for a reasonable lifetime (at least 5 or 10 years, depending on the device), the it will make people appreciate just how complex and difficult such things are to make and maintain and it should help reduce network misuse.
This post has been deleted by its author
Information security already is spoken for by the Department of Homeland Security, at least back to 2011, when they were beginning to exercise authority over information assurance at the Department of Defense, where I worked at the time. DoD still had its rules and procedures in place, but the guidance going forward appeared to be coming from DHS in a way that was nonnegotiable. That intent was clear in the cyber threat sharing bill that generated a good deal of controversy a year or so back and is clear also from the DHS web site, which clearly indicates their responsibility for matters related to communications, information technology, and emergency services. This is said to be described in President Obama's Presidential Policy Directive 21, issued 12 February, 2013 (which I have not read). I expect the bills the article references do not show much more than Democratic friskiness and attempts to stir up a little controversy.
Has DHS actually done anything with regards to cyber security?
What Congress (at least the democrats) are looking for is recommendations that they can make into laws/regulations.
What we have now is a bunch of agencies that are focused on mass spying.... that's not cyber security. Plugging the holes in our infrastructure is cyber security. Protecting Americans while online is cyber security.
The FCC with the new administration seems to think their job is to do nothing, and let free enterprise (big corporations) figure it out. That's not good enough.
Maybe the FCC isn't the answer. Maybe it's someone else (yet to be created) working with NIST to get Congress the data they need... the DoD?
At least the previous FCC head recognized the problem and was trying to do something to improve the situation.
In the past, I took 10 min. reading through a list of all the agencies. It was a convoluted mess... trying to figure out who reports to who, and what their responsibilities were.
It used to be (or at least my perception) that things were much simpler. CIA focused on foreign threats. FBI internal threats (criminals). DoD the military.
There is just to many agencies and bureaucracies... DHS, Border Control, DEA.
I'd like to see the DoD/military (hopefully more distant from the politicians) have more responsibilities. If we are talking about state sponsored cyber attacks (cyber warfare) that's a military action. Same with securing the borders, international airports, etc. they already have the drones, personnel and hardware. Sure they have to pass off some responsibility as limited by the Constitution, but that's what the FBI (etc) are for.
Government debt is 20 trillion and growing a trillion a year. The only way we're going to "balance" the budget is to clean up and streamline these bureaucracies.
Whether or not DHS has done anything is a matter for the House Government Operations committee and its Senate counterpart. The fact is that they, not the FCC, are on the hook to do so. My impression, as of 2011, was that they then were acting on that and I do not have any reason to think they are not.
The notion that the DoD should have the responsibility might run up against the Posse Comitatus act (1878), which severely limits use of the Army in domestic matters. Later modifications have applied that to the Air Force, and Navy regulations similarly restrict the Navy and Marine Corps.
As far as concerns government streamlining, DHS actually is the outcome of such a streamlining effort, consolidating the Coast Guard, Immigration, Customs Enforcement, TSA, the National Cybersecurity Center, US-CERT, and a number of other agencies generally concerned with matters of internal security. In the context of PPD-21, the FCC has a defined cybersecurity role, largely consultative, as Chairman Pai is reported to believe. It is not clear that new legislation is required.
The FCC Chair is just a Lazy drone, who wants to earn a paycheck, while doing little to nothing. There is too much government bureaucracy, and too much of no one doing anything useful accept sitting around talking and talking about doing something, when little to nothing is happening. The FCC just sits on their hands. At least the Democrats are introducing bills that would force the FCC to DO SOMETHING. The Republicans aren't going to do much accept help their big bucks buddies do nothing but make more money, see to it that the rest of us barely stay afloat, and probably help cyber attacks happen, in order to make more money. The Republicans will just forestall these bills without making it appear that they oppose efforts to enhance cyber security, and continue as much mass surveillance as they can legally get away with, on the premise of protecting us from terrorists, while just making a note of anyone who opposes their plans, ideas, and rules.
Then the Democrats simply need to play one of the Republicans' own cards against them. Make the whole deal into a "with us or against us" up-or-down kind of deal, perhaps by adding a sense of urgency or a threat of a Cyber 9/11 so that any attempt to forestall or delay would be painted as itself threatening national security and just as bad as a "no" vote.
This kind of tactic is one reason Republicans are having trouble replacing Obamacare: because it's way too easy for Democrats to cite explicit cases of people who literally depend on Obamacare just to live. Take away Obamacare and people DIE...which won't sit well come midterms (plus there's the risk a law on the books will allow bereaved families to SUE).
This post has been deleted by its author
Except they're ALL we have to work with. Of 535 congresspeople there's (what?) one or two independents in there (and they caucus with the Democrats in any event)? And the whole election system's rigged so badly we'd sooner have a coup d'etat than a peaceful changeover of power to a third party.
Basically, we have to cut this tree down, but the only tools at our disposal are a length of cheap rope and a plastic toy saw. What do we do?
Funny I had assumed it already was given the number of SCADA systems that seem to communicate over it and the number of supply chains that depend on JIT ordering and delivery, never mind the ability of people to talk to each other.
BTW with this mandate would this put the internet properly under FCC regulation rather than shoe horning it in using the 1934 Telecomms Act?
Hope non US bodies will set the rules - i.e. EU, and because OEM will need to comply with this rules to sell on those markets, US will get too goods designed following those rules without having a say in them (or totally crappy products for its own market).
For far too long, it happened the other way round.
It would also define communications networks as part of the US' "critical infrastructure"
Russians did it last year. Their law also has criminal penalties for any C class executives of a company which has been designated as such and has failed to deploy adequate cybersecurity.
Now, let's see how badly will the US Congress cut-n-paste from the Russian criminal code and how much will it be neutered. After that you should never make really responsible for anything a person whose only actual executive responsibility is to yield a golf club (and receive his golfocratic bonus).
The funniest bit is that it is being pushed by the most Russophobic part of Congress too - the democrats.
... to make a proper broth.
NSA is also has a remit to secure US communications - although in their case they clearly decided that it would be both boring and make their lives too difficult to actually participate in this.
Maybe OPM should also have a say - after all they managed to provide the perfect example of how not to do things.
And the EPA - because wifi and digging trenches for fibre are dangerous to the environment and so comes under their remit.
Perhaps the FDA too - nothing is beyond them, after all they've already claimed that DNA is a drug for them to regulate
On behalf of all Americans, I would like to apologize for the MORONS that now run the U.S. Government's most important agencies. We're in a pickle of sorts after this last election, and it will take an impeachment or two to get things right again. One of the deficiencies of our constitution was that there were no lower IQ limits on who could vote, nor who we may elect. Thus resulting in a clown car run government.
Again, my apologies.
Dylan
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
