Malware Is a Disease; Let's Treat It Like One 160
jfruhlinger writes "The most common metaphor we have for computer malware — 'virus' — emphasizes that in many ways malicious computer code mimics biological pathogens. And yet, while the U.S. government has rapid response plans in place for an outbreak of a new disease, we're content to let the private sector react to hugely damaging computer infections. Tom Henderson thinks we need the cybersecurity equivalent of the CDC."
Oh, yes... (Score:2, Informative)
This is just what our broke-ass, can't-find-it's-dick-with-it's-own-hands, defective government needs, another resource drain and another nanny role in which they clearly have no business.
Re:Woohoo, more government!!! Yeah. (Score:3, Informative)
I am always suspicious when government is the solution. I prefer to keep it in the hands of private companies.
Private companies are motivated by profit.
Agencies are directed by political appointees, but good ones tend to have a culture which focuses on institutional competence. (e.g. the solicitor general's office.) It does not make sense for individual companies to take the same measures that a society does--there are collective action problems. Some of those goals can be assumed by an agency working for government.
Private companies that want to continue to make a profit will make sure they get the job done. Political appointees, on the other hand, will keep their jobs if they fail, and most likely turn the failure into an increased budget, so next time they can fail on a more spectacular level.
This already exists: US-CERT (Score:5, Informative)
http://www.us-cert.gov/ [us-cert.gov]
From the US-CERT "About Us" page:
US-CERT's mission is to improve the nation's cybersecurity posture, coordinate cyber information sharing and proactively manage cyber risks to the nation while protecting the constitutional rights of Americans. US-CERT vision is to be a trusted global leader in cybersecurity - collaborative, agile, and responsive in a complex environment.
Information is available from the US-CERT web site, mailing lists, and RSS channels.
US-CERT also provides a way for citizens, businesses, and other institutions to communicate and coordinate directly with the United States government about cyber security.
Who runs US-CERT?
US-CERT is the operational arm of the National Cyber Security Division (NCSD) at the Department of Homeland Security (DHS).
Where is US-CERT located?
US-CERT is located in the Washington DC Metropolitan area.
What is US-CERT's relationship to NCSD and DHS?
US-CERT is the operational arm of the National Cyber Security Division (NCSD) at the Department of Homeland Security (DHS). The NCSD was established by DHS to serve as the federal government's cornerstone for cyber security coordination and preparedness, including implementation of the National Strategy to Secure Cyberspace .