DHS
My Opinion: NYT wants cyber security to be a divisive issue.
I just read an article that seems designed to keep spreading FUD (Fear, Uncertainty, Doubt) about the US government and the NSA. The article is titled “Control of Cybersecurity Becomes Divisive Issue “. It starts with an assertion stated as if it were a fact that says “The National Security Agency has been campaigning to lead the government’s rapidly growing cybersecurity programs”.
I bump into all sorts of people in the beltway, and there is a huge amount of buzz regarding cyber. There is also a huge amount of pontification and rumor and hype, and I think Risen and Lichtblau have fallen for some of that. Read the rest of this entry »
The Number One Reason To Move To Open Source: Security
I just read Bill Vass’s latest blog entry titled: “The No. 1 Reason to Move to Open Source is to IMPROVE Security”
Bill opens this article with:
If you are like me, and you have been involved in cryptography and Cyber Security for a long time, it’s obvious to you that commercial open source code is more secure. As a matter of fact, in the late 90s, many of the Intelligence agencies mission systems and the DoD tactical systems moved to open source ONLY to improve security. Today, the majority of the critical systems in the Intelligence agencies (the people that care most about Cyber Security) run on open source operating systems like Solaris and Linux. The same is true of places like the FAA, IRS, and a whole lot of other organizations that care
about security.We have a saying in the world of Cyber Security: Security through obscurity, isn’t.
Three Events of Federal CTO Interest: Will You Be At These?
FYI, in case your schedule will allow us to connect in person I wanted
to update you on a few events I plan on being at over the next few
weeks.
The Advanced Technical Intelligence Association TECHINT conference will
be held 9-11 Dec 2008. This conference focuses on the technical
dimensions of intelligence, and has a theme of "integrated
performance." The theme refers to the need to integrate capabilities
from all the agencies engaged in national security to better perform in
meeting our national security challenges. On 9 Dec I'll be speaking
at a panel on the real and growing threat in cyber space. There will
be no blogging or tweeting from the conference. But if you are going
to be there please drop me a note and lets connect in person there.
For info see http://masint.org
The AFCEA Solutions conference on Cyberspace will be held 10-11 Dec
2008 at the Ronald Reagan Center in DC. This conference will be
focusing on the challenges and solutions of cyberspace related to
national security. Speakers include Secretary of Homeland Security the
Honorable Michael Chertoff, The Deputy Secretary of Defense the
Honorable Gordon England, Assistant Secretary of Defense for Networks
and Information Integration the Honorable John Grimes, Ms. Melissa
Hathaway, senior adviser and cyber coordination executive for the
Director of National Intelligence, LTG Keith Alexander, Director of the
National Security Agency, Deputy Assistant Secretary of Defense for
Information and Identity Assurance Mr. Bob Lentz and Deputy Assistant
Secretary of Defense for Information Management Mr. David Wennergren.
I'll be speaking on a panel on Wednesday at 1530 on formulating a
common response.
-
This unclas conference follows a model that AFCEA has been using for
several similar events. They are actively seeking ways to enhance the
value of these conferences by leveraging more Web2.0 capabilities
before, during and after the formal presentations. Blogging and
tweeting from the conference is encouraged. You can visit the site at: www.afceasolutions.org/group
For the event schedule and program details can be found online here: www.afceasolutions.org
The US Army Intelligence Warfighting Summit will be held 15-17 Dec
2008. This one will also be a conference where blogging and use of
twitter is not appropriate due to the sensitivity of info discussed.
However, I would appreciate knowing if you will be going so we can
connect there in person. Speakers will include the most senior Army
intelligence leadership, plus Vice Admiral Bob Murrett from NGA, LTG
Alexander from NSA, and Scott McNealy from Sun Microsystems. For more
on the event see: http://www.ncsi.com/iws08/index.shtml
So, if you are going to any of these please let me know.
And please follow me on Twitter so I can send you a few bursts from the AFCEA conference. I'm at http://www.twitter.com/bobgourley
Cheers.
Melissa Hathaway Op-Ed on Cyber Security
I wanted to post this in totality for a couple reasons. One is it is something all of us should read. Although I believe most readers of this blog will find no surprises in this op-ed, Melissa has a real talent for capturing information in easy to understand ways and I think we can all borrow lessons from the way she explains things.
Performance Management In Organizations and Computers
There are some interesting analogies between performance management applied to organizations and performance management applied to computers.
In both cases, performance metrics are crucial to success. In organizations, what we reward gets measured, and what gets measured can be more efficiently and effectively done. In our computers, what we decide is important gets measured, and those measurements can help us drive to increasingly effective and efficient performance.
Day One at Synergy Conference
This post provides a summary of day one of the STRATCOM Synergy conference. The conference is focused on integrating combat ops/intelligence implications for national intelligence processes. Conference leader Brigadier General Billy Bingham (USAF, ret) opened the conference by reviewing what was discussed last year’s Synergy conference. He also laid out the goal for this year’s conference, to keep moving things forward and to ensure we are “Integrating operations and intelligence so we can achieve our nation’s objectives in the most efficient means possible. ”
The morning included a presentation by the STRATCOM J5 (Brigadier General Mark Owen). He was followed by Major General Michael Ennis, Deputy Director of the National Clandestine Services for community HUMINT at CIA. The afternoon was filled with discussions and briefings that brought home the perspectives of operators from the Ops/Intel world, including a panel filled with ops/intel professionals which discussed lessons learned. Perspectives on ops/intel synergy on the front lines were provided by a seasoned Marine Corps professional. Key areas where ISR models clash were highlighted by a seasoned Air force ISR Colonel. An update was provided on army operational intelligence.
The following provides some takeaway’s from the discussions:
Brigadier General Owens mentioned the many missions of STRATCOM, including nuclear deterrence, and also cyberspace. In his view, STRATCOM’s mission in cyber is to ensure freedom of action in cyberspace. He also signaled a strong intention of the Commander, STRATCOM to return the J2 position to the importance it once had. He also signaled a strong intent to do that while integrating ops and intel into the mission. He talked about the terms he likes to use, those of intelligence and warfighters, since the operators are warfighters.
General Ennis gave personal stories underscoring how important it is for ops and intel to work together. He said great staffs have always worked that way and now at CIA it is all ops and intel together, at JSOC it is all ops and intel together. He thinks it is wrong to use the old models of ops and warfighters. That too frequently forces a separate structure. In the old days there was an ops cell and an intel cell and they were separate. Today, in efficient operations, the intel and ops cells are together. General Ennis is a strong believer in new tools and thinks three in particular are dramatically changing the way we are working together. Blogs, Wikis and the class of tools that lets users go after content in search vice just headlines. By Blogs and Wikis he meant the many open source/Internet based wikis that can provide context and situational awareness. For example, the MCIA cultural intelligence initiative makes extensive use of these tools. He also provide some thoughts on the term “information sharing.” There are things he doesn’t like about that term because sharing implies the data is yours to own and to decide when to share. He believes in joint interagency platforms for ensuring responsiveness, relevance and unity of effort. Regarding Open Source, he would like to see an interagency open source center that is focused on hard problems. Regarding IT, he believes a common IT backbone is critically important to mission success.
The afternoon speakers hit on many great topics related to ISR and the different cultures in the Services and how they clash over ISR. There were many great stories and lessons, and several meaty recommendations. But the bad news is all the stories sound the same as they have for years and the lessons learned are the same ones we have been relearning for years. I guess the point of the conference is that we need to embody those lessons somehow.
More later