Cyber C&C

According to Ellen Nakashima, the Pentagon is looking at the creation of a "Cyber Command Center" designed to be the central resource on the war on cyber-terror. The U.S. Military is discussing how they could best protect the national military cyber-assets, national security online resources and the civilian government in the chance that there would be a cyber attack on civilian computer networks.

The centralization of any type of online protection leads to questions regarding individual privacy and civil rights. The NSA used the "War of Terror" as a justification to warrantless wire-tapping, which has not be revoked by the current administration. Another problem this raises is that a centralize focus is not effective with this type of attack. Richard Bejtlich makes several excellent points regarding this subject. The major point is a specific goal or objective designed by the military maybe virtually impossible to pull off. Only an informal structure that is the basis of the hacker community would be able to work out a solution that would provide the same effect. But, that type of structure is in direct conflict with the formal structure of the U.S. Military's C&C. A military cyber C&C, based on former case studies, would more likely than not fail at objective goals.

Cyber Security and You!

It seems that I've been focusing a lot on security and fraud on microblogging sites. However, there is more online than microblogging sites, despite my attraction to the concept. As a way of approaching cybersecurity, I finished reading the Center for Strategic and International Studies' Commission on Cyber Security for the 44th Presidency final report. It is an extremely long and through report of the state of cyber security and the need to protect this environment from those who seek to do harm. The main punchline from the report is the need for the next President of the United States to create a comprehensive national security strategy for cyberspace because, quoting from the report, "cybersecurity is now a major national security problem for the United States."

This would seem to be a fair assessment as both McCain and Obama had their networks hacked while they were both campaigning to become president.  The argument that the rest of the American digital public needs a form of digital ID in order to protect their online interest has rightly been criticized by some as a waste of resources and a failure to recognize how cyber criminals work. I would make the argument that these recommendations fail to address the need to education the general public on how to protect themselves and the organizations that they care about/work for/whatever. To address the broad policy issues without address how these recommendations would be foolish. The only point of educating the public is a plan of creating a education plan though the National Science Foundation (NSF).While the NSF has done great work in the past and present in educating the role of science to the American public, I do not believe that the NSF is up to the task of this size. If the NSF is the only federal organization reponsible for educating laypeople who may or may not be computer literate, this project will be huge failure. I do not have a great recommendation on who else currently could help the NSF. The report does mention private-public partnerships. I believe the government should create a new operational organization to help the general public deal with the issues caused cybercrime and the influx of new technology. The focus of education must go beyond the infrastructure of the bureaucracy of the U.S. Government and must approach the general public. If it stays in the ivory tower of Washington D.C., it will hurt us all.