Can We Secure Government Networks? Yes, We Can, Theoretically

By Larry Seltzer  |  Posted 2008-11-11 Print this article Print

Government networks face a lot of threats, as private networks do, and securing either is a complicated and expensive process. It's not just a matter of exhibiting leadership.

The pressure is on President-elect Obama to make cyber-security a priority issue. What can the government, let alone the president, do about this? Obama has said, "As president, I'll make cyber-security the top priority that it should be in the 21st century. I'll declare our cyber-infrastructure a strategic asset, and appoint a national cyber-adviser, who will report directly to me."

My guess is that President Obama's national cyber-adviser will run into the same problem that previous attempts have found: No section of the federal government is interested in giving up control over the security of its own computers. There can be, and are, standards for the security of systems in federal networks. The standards are modest and not well adhered to, and they don't include any clear penalty for noncompliance.

If the implication of Obama's plan is that there will be some IT security czar or agency in charge-currently the OMB (Office of Management and Budget) seems to have the main role in the standards I mentioned-of setting and enforcing IT security rules, I have to say it's hard to imagine him, her or it succeeding. 

There were a bunch of people more or less in this role in the Bush administration. Remember Richard Clarke? Amit Yoran? Greg Garcia? Some people would dismiss these people as ... well, they worked for Bush so they must be corrupt or incompetent or, in Richard Clarke's case, defeated by the forces of corruption and incompetence. I figure the truth is different and more discouraging.

Larry Seltzer has been writing software for and English about computers ever since—,much to his own amazement—,he graduated from the University of Pennsylvania in 1983.

He was one of the authors of NPL and NPL-R, fourth-generation languages for microcomputers by the now-defunct DeskTop Software Corporation. (Larry is sad to find absolutely no hits on any of these +products on Google.) His work at Desktop Software included programming the UCSD p-System, a virtual machine-based operating system with portable binaries that pre-dated Java by more than 10 years.

For several years, he wrote corporate software for Mathematica Policy Research (they're still in business!) and Chase Econometrics (not so lucky) before being forcibly thrown into the consulting market. He bummed around the Philadelphia consulting and contract-programming scenes for a year or two before taking a job at NSTL (National Software Testing Labs) developing product tests and managing contract testing for the computer industry, governments and publication.

In 1991 Larry moved to Massachusetts to become Technical Director of PC Week Labs (now eWeek Labs). He moved within Ziff Davis to New York in 1994 to run testing at Windows Sources. In 1995, he became Technical Director for Internet product testing at PC Magazine and stayed there till 1998.

Since then, he has been writing for numerous other publications, including Fortune Small Business, Windows 2000 Magazine (now Windows and .NET Magazine), ZDNet and Sam Whitmore's Media Survey.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel