Can We Secure Government Networks? Yes, We Can, Theoretically
Government networks face a lot of threats, as private networks do, and securing either is a complicated and expensive process. It's not just a matter of exhibiting leadership.The pressure is on President-elect Obama to make cyber-security a priority issue. What can the government, let alone the president, do about this? Obama has said, "As president, I'll make cyber-security the top priority that it should be in the 21st century. I'll declare our cyber-infrastructure a strategic asset, and appoint a national cyber-adviser, who will report directly to me." My guess is that President Obama's national cyber-adviser will run into the same problem that previous attempts have found: No section of the federal government is interested in giving up control over the security of its own computers. There can be, and are, standards for the security of systems in federal networks. The standards are modest and not well adhered to, and they don't include any clear penalty for noncompliance.
If the implication of Obama's plan is that there will be some IT security czar or agency in charge-currently the OMB (Office of Management and Budget) seems to have the main role in the standards I mentioned-of setting and enforcing IT security rules, I have to say it's hard to imagine him, her or it succeeding.