John Pescatore

I’ve reviewed several national cybersecurity plans for Gartner international government clients, as well as blogged some reviews here pundit-style on the various national cybersecurity strategies the US has published. They all tend to suffer from a common flaw: they focus way too much on monitoring and measuring attacks and way too little on avoiding and eliminating vulnerabilities and avoiding attacks.

This is sort of ingrained behavior in government agencies, especially on the Intelligence Community side – the desire is to be the owner of the information on threats vs. the one who might be responsible if an attack succeeds.   The idea of reducing vulnerabilities to the “good enough security level” to allow business to move forward is a foreign idea. This is why trying to mix cyber-offense and cyber-defense on the government side is such a bad idea. Information ownership is power, especially when it comes to justifying next year’s budget requests.

However, I’ve seen some positive steps. US Department of Homeland Security Secretary Napolitano recently released DHS’s Fiscal Year 2011 budget request, with the following items highlighted under “Safeguarding and Securing Cyberspace:”

• National Cyber Security Division (NCSD): Total funding of $379M is requested for the NCSD to support the development of capabilities to prevent, prepare for and respond to incidents that could degrade or overwhelm the Nation’s critical information technology infrastructure and key cyber networks. These funds will identify and reduce vulnerabilities, mitigate threats and ensure that cyber intrusions and disruptions cause minimal damage to public and private sector networks.
• National Cyber Security Center (NCSC): A total of $10M is requested for the NCSC to enhance cyber security coordination capabilities across the Federal Government including mission integration, collaboration and coordination, situational awareness and cyber incident response, analysis and reporting, knowledge management, and technology development and management.

The key phrases that are good to see: “identify and reduce vulnerabilities” and “ensure that cyber intrusions and disruptions cause minimal damage…” Very realistic approach to making real progress – and not far from the recommendations Howard Schmidt, Gary Mcgraw and I made at the cybersecurity keynote panel at the last Gartner Information Security Summit. Also good to see that the amount of funding for this initiative is 38x the request for more “coordination” funds.

With all budget battles, as in most things, the devil is in the details but this is an encouraging sign.

Submit a Comment »

Category: Uncategorized     Tags:

Share