February 2009 Archives

Secretary Janet Napolitano testified before the House Committee on Homeland Security today, and her priorities provide good news for state and local government partnerships. The Department of Homeland Security (DHS) website posted the text of today's testimony. Here is one important excerpt:

"State and Local Partnerships -

First among these areas is the Department's relationship with state and local governments. State and local law enforcement agencies are the forces on the ground that represent, inhabit, and patrol America's communities - the communities that DHS protects. We need strong relationships with our state and local partners, and I am committed to building them.

Partnerships with state, local, tribal, and territorial agencies affect DHS's ability to identify threats and bolster preparedness before an incident; they also affect our ability to work with first responders and assist a community's recovery after an incident. The information we gather, the funding we grant, and the training and assistance we provide are all more valuable in securing our Nation if DHS's relationships with the involved state and local agencies are strong.

Information sharing between DHS and state and local governments is particularly critical to our security...."

Secretary Napolitano went on to describe the important priority that science and technology also play in defending the homeland in the 21st century. The former Governor of Arizona clearly "gets it" and understands the expanded role that fusion centers must play in the 50 states.

This testimony should be music to the ears of those in the local criminal justice community as well as CIOs in states and large cities around the country who have been trying to move various homeland defense plans forward. These efforts include cybersecurity initiatives. We need new partnerships between federal and state efforts, and it looks as if they will become a top priority.

Bottom line, I think this testimony is good news to struggling states.

What do you think?  

Get ready for a flood of offers, spam and phishing attempts with the word "stimulus" in the headlines. Some messages and websites will no doubt be legit, others will not, but I suspect that computer security staff will not like this word very much a few months from now.

Allow me to illustrate...  I returned home from an all day ski trip with my family in northern Michigan on President's Day (February 16). After helping to get the kids to bed, I sat down with my laptop in my favorite chair and went online to find out what news and email I had missed over the past 24 hours.    

As I was checking out the headlines at AOL.com, which is my wife's default home page, I saw this sponsored ad highlighted near the top of page:

So why does this bother me? For one, the President hasn't even signed the legislation yet. How could this guy have received any stimulus check already? If you go to his website, he calls the check a "grant" that is "money I do not have to pay back." He is obviously using that magic word to grab our attention. It worked in my case.

Second, these types of ads and emails will soon be all over the place. Governments may even be tempted to block spam emails with the word "stimulus" in the subject heading. But be careful! You may also block stimulus emails that are legitimate.

In security terms, this is just another email spam or phishing campaign. We've seen them before from major world events such as the Olympics, Super Bowl, World Series, tsunamis, hurricanes like Katrina and Ike and more. I suspect that this campaign will be somewhat successful - given our current economy and the attention that this topic has received.

Third, governments need to be aware that various ads, emails, and other messages regarding the stimulus will be everywhere as they try to send their own true stimulus messages. When we returned home from skiing, we even had a voice message on our answering machine from a politician on how he helped to make the stimulus happen. From buying cars to new houses to various other provisions, get ready for a deluge of stimulus stories. 

In these very hard economic times, many people are hurting financially. The sad truth is that even a positive message can become difficult to deliver when the field becomes crowded. Numerous good news articles are appearing daily on all aspects of the stimulus package. Our job is to help enable the good and disable the bad (messages). It won't be easy.   

What are your thoughts on this topic? Seen any good stimulus ads lately? 

On Monday, President Obama ordered a 60-day review of federal cyber security programs. The review will be led by Melissa Hathaway, a top cyber security advisor to Mike McConnell, the former director of national intelligence.

The Washington Post described the growth in cyber security efforts and how the sector will continue to grow in coming years. Here's an excerpt: 

"Industry executives say the sector will be one of their fastest-growing markets in coming years, and analysts say it could generate over $10 billion in contracts by 2013....

Immediately upon taking office, the Obama administration underscored the importance of protecting U.S. information networks in a posting on the White House website.

It pledged to work with industry, researchers, and citizens to 'build a trustworthy and accountable cyber infrastructure that is resilient, protects America's competitive advantage, and advances our national and homeland security.'" 

Despite numerous technology articles recommending the fast appointment of a cyber security czar and the quick implementation of the report from the Commission on Cyber Security for the 44th Presidency, this security review makes sense to me.  Given the current state of economic issues and the focus on the stimulus package and helping the bank system, this comprehensive review should help to ensure the right team is put in place with the right level of authority and organizational control spanning various agencies.

While it looks like we will all be waiting a few more months before new cyber security policies and plans become clear, efforts started under President Bush on the Cyber Security Initiative continue to strengthen federal networks. Check out this article written a year ago by Mike McConnell. Understanding 2008 cyber events and projects is vital to understanding future security plans.

What are your thoughts on the future of the cyber security industry in the next few years?