Breaking News Stories and Articles on NetSuite

NetSuite Journal

Subscribe to NetSuite Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get NetSuite Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


NetSuite Journal Authors: Bob Gourley, Brian McCallion, Maureen O'Gara, Avi Rosenthal, Elizabeth White

Related Topics: Cloud Computing, Cloudonomics Journal, Government Cloud Computing, Government News, Government Information Technology, NetSuite Journal, Government Innovation Journal, CIO/CTO Update, New Year 2010, Government Cyber Assurance

Cyber: Blog Feed Post

Pentagon and Congress Want Control of Your Network During Cyber Attack

Possibility of a “Widespread Coordinated” Cyber Attack?

There has been a lot of chatter in the news lately about the possibility of a “widespread coordinated” cyber attack against our critical infrastructure  and our ability to successfully defend against it.  Most of this infrastructure ( eg. utilities, finance, transportation, etc) is owned by private companies. Those currently responsible to protecting these networks will tell you that we are already under attack.  Is there a cyberwar going on?  Howard Schmidt, the White House’s Cyber Czar says “No”. But let’s not argue semantics. War, skirmish, tomfoolery…call it what you may. Many experts will confess the US is unprepared for a major cyberattack.

What is the government’s role in protecting these private networks? Should it have a role at all? Although some in the private sector are still debating these questions, the government has already moved in action. Last month, the DoD launched its new Cyber Command, headquartered at Ft. Meade, Maryland. Military observers still aren’t quite sure what this supposed to do. The Pentagon’s number two, Deputy Secretary William Lynn, in a gathering of cybersecurity officials and defense contractors,  floated the idea that the “Defense Department might start a protective program for civilian networks”.

According to Lynn, companies may “opt out ” of the program but by doing so would place us all at risk.  Does that mean, by default, all companies are considered in the program?

The congress also is taking action. A draft bill, co-sponsored by Sens. Joe Lieberman (I-Conn.) and Susan Collins (R-Maine), gives the Department of Homeland Security authority to keep “critical infrastructure” up and running during a “cybersecurity emergency”.

It would be interesting to see the bill’s definition of cybersecurity emergency.   All would agree that coordinated defense is essential. The federal government is probably the only entity able to provide that coordination on a national scale.  Coordination is one thing. Control, however, well that’s another animal.

Related posts:

  1. United States Department of Defense Embraces Hacker Certification
  2. 2010 CyberSecurity Watch Survey
  3. Exploring Cloud Computing Information Leakage

 


Read the original blog entry...

More Stories By William McBorrough

William J McBorrough is a Security Expert with many years of success Managing, Designing, and Implementing medium and large enterprise Physical and Information Technology Security Solutions. His experience spans the spectrum from small e-commerce start-ups to multi-campus state and federal agencies to multi-state financial sector organizations. He is also on the faculty of various universities including University of Maryland University College, EC-Council University, George Mason University and Northern Virginia Community College where he conducts research and teach graduate and undergraduate courses relating to cybersecurity, cybercrime, cyberterrorism, and information security and assurance. He holds a Bachelors of Science in Computing Engineering with a concentration in digital networks and a Masters of Science in Information Security and Assurance. He is a Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified in Risk Information System Control (CRISC), and Certified Ethical Hacker (CEH).He is well versed in personnel, systems and network security risk management. His core competancies include Developing cost effective solutions to enable mission assurance in the following areas: Enterprise Risk Management, IT Governance, Security Organization Development, Information Security and Assurance