[ECP] Politicians embrace 'cybersecurity' month, but why?

¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤,¸¸,ø¤º

Please link to the Educational CyberPlayGround
http://www.edu-cyberpg.com

Add your SCHOOL OR SCHOOL DISTRICT URL
http://www.edu-cyberpg.com/schools/

Please Share and Add Your Song
http://www.edu-cyberpg.com/ncfr/

Educatonal CyberPlayGround NetHappenings Mailing List ©1993

¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤,¸¸,ø¤º

Politicians embrace 'cybersecurity' month, but why?
http://news.com.com/2061-10796_3-6135707.html

By Declan McCullagh
November 14, 2006

The U.S. House of Representatives on Tuesday took the bold step of
enhancing America's cybersecurity by approving a resolution in support
of "National Cyber Security Awareness Month."

The resolution [1], which passed by voice vote, claims the month "will
provide an opportunity to educate the people of the United States about
computer security: Now, therefore, be it resolved, that the House of
Representatives supports the goals and ideals of National Cyber Security
Awareness Month."

Politicians immediately sent out press releases touting the importance
of the vote. "National Cyber Security Awareness Month is a chance not
only to raise awareness about computer vulnerabilities and threats, but
also to inform people about programs that exist throughout the U.S. to
educate students, parents, business people, local law enforcement and
government employees about cyber security and to attract students into
careers in information technology," said Rep. Bob Inglis, a South
Carolina Republican.

(They neglected, though, to mention that the vote took place precisely
six weeks too late: Cyber Security Awareness Month was in October.)

Cyber Security Awareness Month was invented by an industry trade
association called the National Cyber Security Alliance. It features
"public relations activities, educational programs, events and
initiatives throughout October that targets Home Users, Small
Businesses, Education audiences (K-12 and higher education), and Child
Safety online."

The vote announcing official support for Cyber Security Awareness Month,
incidentally, was hardly the only high-profile task facing the House
Republican leadership during the last days of their tenure. They also
convened a vote on a not-very-controversial resolution recognizing "the
important contributions" of the "Christmas tree industry to the United
States economy."

What might have been a better use of their time? How about these
suggestions:

* Instead of merely awarding Ds and Fs to federal agencies for
  lackluster cybersecurity performance, put some teeth behind the
  ratings. Agencies that don't get at least a gentlemen's C would face
  budget cuts--a bureaucrat's worst nightmare and a strong incentive for
  better performance.

* A presidential executive order continues to restrict the unregulated
  export of encryption products. (Overseas shipments are far easier than
  they were in the 1990s, but the rules still exist.) Encryption
  provides necessary security for electronic communications, and
  nowadays there's no reason for a complex web of export restrictions.
  Any executive order can be overridden by an act of Congress.

* The Republican-controlled Federal Communications Commission is forcing
  broadband providers to build in backdoors for government surveillance.
  But network backdoors intended to be used by police and intelligence
  agencies can be exploited by malicious hackers, which is why
  technologists including Vint Cerf, Steven Bellovin and Matt Blaze have
  warned of the security risks. Any FCC ruling--including this one--can
  be reviewed and overturned by Congress.

* The Bush administration has been lobbying Congress for data retention
  laws, which would force Internet companies to keep track of what their
  customers are doing. Some politicians have already embraced the idea.
  But a warehouse of users' activities would be a tempting target not
  just for hackers, but also divorce lawyers and employers hoping to
  prove what someone did or didn't do online.

* Investigate what took place under the National Security Agency's broad
  surveillance scheme. While an AT&T whistleblower alleges widescale
  illegal spying, AT&T and President Bush have acknowledged no
  wrongdoing. (A lawsuit brought by the Electronic Frontier Foundation
  is pending, with a hearing set for Friday in San Francisco.) Oversight
  hearings can answer a key question: Were any laws broken?

[1] http://thomas.loc.gov/cgi-bin/bdquery/z?d109:h.res.00993:

<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
Educational CyberPlayGround NetHappenings Mailing List ©1993
NetHappenings: the largest and oldest K12 Education Mailing List Email Preferences -- Subscribe - Unsubscribe - Digest 
http://www.edu-cyberpg.com/Community/NetHappenings.html

Copyright FAIR USE Statements to be included when reproducing
annotations from NetHappenings.

The single phrase below is the copyright notice to be used when
reproducing any portion of this report, in any format:

EDUCATIONAL CYBERPLAYGROUND http://www.edu-cyberpg.com
NetHappenings copyright

<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>

Other related posts: