Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Security Government United States IT News

Who Would Want To Be Obama's Cybersecurity Czar? 131

dasButcher writes "President Obama is expected to name a new cybersecurity czar sometime soon. This person will be charged with defending the digital boards from attack by hostile nation-states and terrorist organizations. But the question Larry Walsh asks is: Who really wants the job? The previous three people who held the post barely made a dent in solving the security problems. Government bureaucracy and private sector resistance make it nearly impossible to find any measure of meaningful success in this job, he writes." Reader eatcajun contributes a related link to the long-awaited US cyberspace policy review.
This discussion has been archived. No new comments can be posted.

Who Would Want To Be Obama's Cybersecurity Czar?

Comments Filter:
  • by Gandalf_Greyhame ( 44144 ) on Friday May 29, 2009 @06:28PM (#28145379) Journal

    We'll give you Stephen Conroy if you like.

  • Kevin Mitnick (Score:5, Interesting)

    by Tehrasha ( 624164 ) on Friday May 29, 2009 @06:30PM (#28145399) Homepage
    ...nuff said.
    • Re: (Score:2, Insightful)

      by Anonymous Coward
      Bruce Schneier would love to do it, since he would be the center of attention. But since he know he'll never get picked he says we shouldn't have a cyber tzar.
  • What about hostile countries that are not nation-states?

  • by Xtifr ( 1323 ) on Friday May 29, 2009 @06:33PM (#28145419) Homepage

    Obligatory XKCD link [xkcd.com] (five part story).

  • by icebike ( 68054 ) on Friday May 29, 2009 @06:34PM (#28145425)

    The copyright holders and their corrupt organizations may want it.

    They use the position to make sure one looks too hard at the invasive digging into people's hard drives and network traffic.

    Meanwhile they totally ignore any REAL threats and protection measures. (As can be seen by stories on Slashdot about data thefts left and right).

  • by Anonymous Coward

    Whoever he picks, I hope they are technologically savvy enough to realize that all of the terrorists in the world won't be able to do one millionth of the damage that's already being done by spammers.

  • RIAA Lawyers (Score:5, Insightful)

    by GigsVT ( 208848 ) on Friday May 29, 2009 @06:35PM (#28145439) Journal

    Are there any RIAA lawyers left who don't yet have high level Obama positions?

  • by Wonko the Sane ( 25252 ) * on Friday May 29, 2009 @06:37PM (#28145463) Journal

    so I guess I am ineligible even if I wanted the job.

  • Bruce . . . (Score:5, Funny)

    by PolygamousRanchKid ( 1290638 ) on Friday May 29, 2009 @06:38PM (#28145475)

    . . . Schneier and Campbell . . .

    . . . Schneier can lecture us on, "What is Cybersecurity?" . . . Campbell can cut 'em up with chainsaws, and blow their brains out with his shotgun.

    How could we lose?

    • My only thought for the position would be Bruce Schneier. I think he's not only competent, but trustworthy. Trust isn't the kind of thing that you can take for granted with government appointments. Regardless of how one may feel about an administration, you have to remember that there will always be another one that doesn't necessarily have your best interests at heart.

      LK

  • by Anonymous Coward

    is the cyberczar going to declare a "WAR ON BLOGS"?

  • Come on, you gotta know a job like this pays some serious bank. And in todays economy, that means a lot more then it used to. Sooooo...if anybody wants to hire me, you can find my resume online. (President Obama, are you reading this?) I posted it on my website: http://www.niksput.com/resume.html [niksput.com] Also you can email me: sdn@niksput.com [mailto]
    • (President Obama, are you reading this?)

      A /. reader for prez?
      Ugh, if so I'm leaving the country _RIGHT_ _NOW_...

  • While corporate lobbyists dictate the infrastructure, it's gonna be a Windows backbone. Nobody can make that secure. While this situation remains, the position is a no win one.
    • by thePowerOfGrayskull ( 905905 ) <marc,paradise&gmail,com> on Friday May 29, 2009 @07:22PM (#28145799) Homepage Journal
      Oh, stop. A Windows "backbone" can be made just as secure by a competent admin as a *nix "backbone" can.
      • by KahabutDieDrake ( 1515139 ) on Friday May 29, 2009 @07:58PM (#28146055)
        I think you forgot to include the punchline.
      • Re: (Score:3, Informative)

        by Ektanoor ( 9949 )

        Really? I remember that Windows NT & Sons had a too classical and nearly eternal flaw, which did not give a chance for a guaranteed secure environment - the internal messaging between progs. I met it a few times and it was really painful.

        Yes Vista & Sons probably have solved this. But after 15 years on Windows I didn't wait for them.

        Besides, you don't make backbones on Windows or *nixes. Anyway you don't use *just* Windows or *nix
        ----

        A backbone admin

        • Really? I remember that Windows NT & Sons had a too classical and nearly eternal flaw, which did not give a chance for a guaranteed secure environment - the internal messaging between progs. I met it a few times and it was really painful.

          Indeed, every system has flaws - sometimes severe. I think the internal messaging weaknesses got corrected in the WIn2003 timeframe, IIRC.

          Besides, you don't make backbones on Windows or *nixes. Anyway you don't use *just* Windows or *nix

          Agreed, that's why I put it in quotes.

      • by BlueParrot ( 965239 ) on Friday May 29, 2009 @08:43PM (#28146315)

        Oh, stop. A Windows "backbone" can be made just as secure by a competent admin as a *nix "backbone" can.

        And you CAN attach wheels to your tower and CRT, hooking it up to lead acid battery and dragging it along behind you, but it is just so much easier to get a laptop...

      • by raddan ( 519638 )
        It's pretty easy to make claims like this when there are, in fact, no Windows machines providing any core Internet services (BGP, DNS, etc). It's like dividing by zero, right?
      • It's getting rather predictable where the Windows proxies / astro turfers will use their mod points. To be fair to them though, Microsoft are cutting back on astro turfing budgets so those doing it have to be ruthless to ensure they are not the ones facing the unemployment lines. They are only doing their jobs, we don't take it personally when we laugh at their lack of integrity.
        • The funny thing about your post is that in another conversation here, I'm getting flamed as an anti-windows shill because I dared to complain about the holy child, Windows 7 ;)
      • Some systems are inherently less insecure than others. I don't know why this is so hard to understand. Everyone gets that some chips are faster than others, some hard drives have more capacity than others, etc. But when it comes to operating systems and security, a lot of people continue to insist on an equality that clearly doesn't exist.

        • I never claimed otherwise. But my point is that stating (or implying) Windows is buggy and inherently insecure is as valid as is saying Linux is inherently hard to use. Both were true many years ago. More recently... not so much.
      • Re: (Score:3, Funny)

        by janwedekind ( 778872 )

        The impudence of this lie was so strong that it send ripples through space time causing momentary discomfort to a Linus Torvalds in a parallel universe deciding to go out for dinner instead of sending a post about developing an operating system kernel.

  • Results 1 - 10 of about 17,800 for sysadmin horror stories...

    1. How do you convince the prez that he shouldn't download shonky software just because his Macbook isn't running Windows?

  • by religious freak ( 1005821 ) on Friday May 29, 2009 @06:46PM (#28145541)
    We don't need a "czar", we need a new military branch. I am not aware of ANY real and lasting contribution any "czar" has ever made in the United States. The first drug czars came close... if you call that a contribution, but from everything I've seen, they're basically PR and cheerleaders, and don't have much authority or get much done.

    If we're serious... and I mean really serious... we need a branch of the military to do the heavy lifting. We don't need to start this in a big way, but we need the security infrastructure to build on should tensions begin rising with nation states. These guys would be the grunts doing the front line lifting and poking around while the NSA focuses it's talent on developing high level techniques. This is what we'd do if we got really serious.

    In my view, the position of czar is a joke. Czars are for 19th century Russia and have no place in a modern United States government.
    • Re: (Score:2, Interesting)

      by Tigersmind ( 1549183 )

      You are right. A group of people trained properly is about the only way to do this. Thing is to really be effective they would have to operate with little to no oversight. Essentially a black-ops for a cyber war.

      That idea makes me squirm. Bad enough so many groups try this already with current laws, I wouldn't want to give that much power to a unmanaged group of people. If you want effective though, that's the way. A Czar is a waste of time really.

    • Re: (Score:3, Insightful)

      by Jurily ( 900488 )

      In my view, the position of czar is a joke. Czars are for 19th century Russia and have no place in a modern United States government.

      I see this as a subtle move to start referencing absolute power. Napoleon called himself "First Consul", and then "Emperor of the French Republic" after seizing total control, for a long time, because the public was not ready to go back to monarchy.

      Of course I'm just being paranoid again, and the voters have total control over the government.

    • Re: (Score:3, Insightful)

      by tehdaemon ( 753808 )

      "Czars are for 19th century Russia and have no place in a modern United States government."

      It is worse than that. Czar [wikipedia.org] is nothing more than the slavic/russian version of the word Caesar.

      T

    • ...19th century Russia and ...United States government.

      I'm sorry, but with the way things are going, what exactly do you perceive the difference to be? (Politically that is, we all know there is such a thing as nuclear___ now).

    • by Ektanoor ( 9949 )

      A military branch to fight crime? While I agree th US doesn't need a "czar" and even agree with your arguments, your alternative is not brighter.

      Crime shall no be fought by the military in any possible way. First they will shoot and then... They will not give themselves the question "whom are we shooting at"! They will keep shooting until the field is flat.

      Second, a military environment is always preemable to crime. BTW, I have already had to deal with such a case on Internet: military+cybergangs. If you wa

      • Re: (Score:3, Interesting)

        by Artifakt ( 700173 )

        As a person who once held a Military Intelligence slot, I want to point out some things. Properly done, MI is all about capabilities, not intentions. That is, MI when it's working right will tell you if a possible enemy has artillery with a 55 mile range or not. Mi done right won't speculate whether the enemy has the intention of aiming it at an adjacent capital city unless the owner announces it, or at least positions it so there are no other targets that would make any sense.
        I

        • by Ektanoor ( 9949 )

          As someone who had a face to face with Military Intelligence I would concord with your words on MI but I would note you that the question is not capability but crime. Crime is not capability. It is a process which, at least, degradates the very frame of society in every level and form.

          If we have a crime gang going wild, we need to track not only their capabilities but also their relations motives and modus vivendi. And note, I am writing "capabilities" in plural. Now how in MI conditions can you give a solu

    • These positions are never officially called czars. That's just a name the media gives them.
    • This problem needs to be addressed from the bottom-up, not from the top-down. We don't need a "Czar", we don't need a branch of the military, we need someone more like the "Surgeon General" (and even that title sounds too military).

      We need someone who explains and educates us, not someone who barks orders at us. We need to look at computer security as a public health issue. People need to be taught about basic computer hygiene (just like we were taught about normal body and sanitary hygiene after finding o

      • I'd start by providing the means. Education is great, but we must be practical. Doesn't do any good to talk about security or order it tightened when there isn't any approved way to do it, or there are ways but no one knows it or is allowed to use it because they're all top secrets.

        It's very easy to get mired in security theater. If the Czar can just keep the politics to a minimum that would be huge. "It's a national secret" is routinely abused to cover up problems. And to keep business rivals and co

    • by Monsuco ( 998964 )

      If we're serious... and I mean really serious... we need a branch of the military to do the heavy lifting. We don't need to start this in a big way, but we need the security infrastructure to build on should tensions begin rising with nation states. These guys would be the grunts doing the front line lifting and poking around while the NSA focuses it's talent on developing high level techniques. This is what we'd do if we got really serious.

      The NSA could likely be extended to cover both ends of security (both defence against hacking and offence in the sense of monitoring enemies.)

  • Czar fetish (Score:5, Insightful)

    by flyingfsck ( 986395 ) on Friday May 29, 2009 @06:46PM (#28145545)
    What is up with this American love affair with old Russian titles?
    • Re: (Score:3, Funny)

      Well, you see, we all have fond memories of playing with mamushka dolls when we were little and...I mean...come on... who honestly doesn't love those things?
      • Interestingly, and on a completely unrelated note, Rule 34 [xkcd.com] curiosity led me to google image search "mamushka porn" right after posting this comic and on the second page of results the movie boxes for "Dumb and Dumber" were displayed....I love the internet.
    • by Ektanoor ( 9949 )

      Simple buddy... Czar is synonim to Samoderzhec, something like "the power in himself by himself". Much like the "L'Etat c'est moi..."

    • by gmuslera ( 3436 )
      They are setting the ground to make people accept the next change, a very big one. Be ready to see lots of posts titled "In Soviet America..."
    • Fetish? Nonsense. You're just imagining things, comrade.
  • But only because I am sure it would look pretty bad ass on my resume. I am sure with that on there I would be able to get a job somewhere, pretty much forever.
  • The difference (Score:2, Insightful)

    by bonch ( 38532 )

    The difference this time is that Obama is a Democrat, so the media will ignore the czar's complete ineffectiveness and never criticize anything he or she does.

    • Re: (Score:1, Troll)

      by MrMista_B ( 891430 )

      Heh, I take it you don't watch American news, at least you haven't at any time during the past ten years. Remember the American invasion of Iraq? The destruction of Katrina?

      Etc. - my point being that, during that time, pretty much everyone in the Bush presidency got a free ride. The media basically said 'aww shucks, wull I guess he just gosh darned tried his best, and that's what counts, right?'

      In contrast, the scrutinty and out-for-blood nature of most of the news coverage of the Obama campaign since it be

      • Re: (Score:3, Informative)

        by Artifakt ( 700173 )

        I don't think you can claim fairly that the Bush administration got a free ride the whole ten years - the first few after Sept 11th, maybe, but not nearly so much by Katrina.
        However, when the Governor of Illinois recently got into trouble, CNN and NBC (both part of what Fox calls the liberal media), ran pieces on it. They both printed a quote from a phone conversation involving the perp, where he essentially said 'Obama's whole staff were Boy-scouts. When he tried to hit

    • The difference this time is that Obama is a Democrat, so the media will ignore the czar's complete ineffectiveness and never criticize anything he or she does.

      You're not just trolling, are you? You actually believe that. Dear God.

      Have you actually read a newspaper, or watched a TV news program, or listened to a radio news show, at any point during Obama's administration? Or during the Clinton administration? Or during the Carter administration, assuming you're old enough to remember that? Ever?

  • Here is why you would want it: You have the ear of the president of the USA. You get to put down on your resume that you were the cyber-security czar.

    Yeah, the very idea that a cyber-security czar has any control over US cyber-security is truly silly, but who knows. Your suggestions might get a few positive changes to be made, and in the event of a catastrophic cyber-security catastrophic event (like, terrorists flying virtual 747s into the virtual world trade center in Microsoft's flight simulator...)
  • by linzeal ( 197905 ) on Friday May 29, 2009 @06:58PM (#28145637) Journal

    I am sure he will find away around this so called bureaucracy of yours as he has been doing quite well for himself in the private sector [wikipedia.org].

    Of course with the new job comes new nomenclature, I present to you ladies and gentlemen the BCCFH (The bastard cybersecucurity czar from hell) and don't worry about assigning him any more power than a normal UNIX sysadmin, he'll get the job done.

  • by argStyopa ( 232550 ) on Friday May 29, 2009 @07:04PM (#28145671) Journal

    ...so clearly I'm not qualified to be on Obama's cabinet.

  • In this type of political postion reputation and personality are as important as your knowledge. Kevin has shown in his legal employment history an aptitude to address cyber security in a way that draws the necessary attention to the issue. His crimial history gives him the legitimacy with both sides of the issue.
  • Arguably, few have had more experience dealing with gaping software security vulnerabilities than the big kahuna himself.
  • I think Regan was the one who started giving government officials the the nickname of the "The _______ Czar". In every case the problem assigned to the Czar never went away and often got worse. You would think that term would fall out of use. You want to guarantee a problem will not go away? Appoint a Czar to oversee it.

  • Mitnick is a great guy. But he is too specific on creating a mess. Besides, too private and he seems even shy...

    Go for Morrison... He knows how to make a real worldwide mess out of Internet.

  • by mqduck ( 232646 ) <mqduck@mqduck3.1415926.net minus pi> on Friday May 29, 2009 @07:23PM (#28145805)

    Cowboy Neal.

  • by iamdrscience ( 541136 ) on Friday May 29, 2009 @07:25PM (#28145813) Homepage
    I'd take this job in a second. The position has a track record of failure and thus, expectations are low. This is exactly the kind of job I'm looking for. If you succeed, you're a miracle worker, if you fail, nobody blames you, either way it's not bad. It looks even better when you add in the fact that the pay is good and you have an awesome title. I mean c'mon, you'd be a freaking czar, how many people can legitimately put "Czar" on their resume?
  • Of course, I'm not qualified but we're talking about the U.S. government here so since when would that matter?

  • I'm a huge fan of this administration but in this particular case I think the private sector could do a much better job protecting against threats than any Czar. Besides, I hate anyone who's title has a C followed by a Z in it, that's just not right. Drop the "c" or just say: "KaZaar!".

  • There will be lolcats all over the place, I promise! ;-)

  • Who wants the job? Perhaps somebody who wants to have power, without all that pesky "running for office and actually being elected by the people" stuff. Somebody who wants to make rules about how everybody is to run their computers, without all that pesky "being responsible for what goes wrong" stuff.

  • Would love to see him in a fake photo with Czar clothes. Maybe he goes forward to the czar role, pushes us to the open source communism and Ballmer starts calling him Stalinman.
  • by Anonymous Coward

    but I'm an employed white male who wouldn't base my decisions on my perceptions of social injustice brought about by my situation.

  • The man who's name is synonymous with Security: Peter Norton [wikipedia.org]

  • Here's my quick, from the hip view on how to maximize the probability of a successful outcome:

    Cybersecurity is focused on maintaining control of systems and networks. Cyber-warfighting is a valuable source for understanding potential threats, but it is not the objective of the cybersecurity committee to advance the state-of-the-art of cyber-warfighting.

    To advance the ability of the citizens and organizations of the United States to retain control of their information systems, an elite task-force will be for

    • by robinjo ( 15698 )

      So, you assemble a group of people from different big companies and vastly different backgrounds and expect them to do a good job, think critically and be unanimous? Are you really serious?

      If you bring together a big enough group of experts, they seldom are unanimous. Add the outside influence from the big companies and you'd have a recipe for failure.

      The group would avoid changing anything big as it would only lead to conflicts. After a while the brightest people would get frustrated and leave. After addin

      • by Bob9113 ( 14996 )

        If you bring together a big enough group of experts, they seldom are unanimous.

        I only suggested an 11-person committee. But that is the less important point.

        In politics, religion, and art, I agree completely. In science, I do not.

        Perhaps they could not agree on the finest nuance, but they could agree on the color of the carpeting in the room they are in.

        From there, they can move to "Should encryption be employed when transmitting sensitive data over the Internet?"

        Then "Is AES-256, if implemented perfectly,

    • by MRe_nl ( 306212 )

      Jonathan James, Adrian Lam, Kevin Mitnick, Kevin Poulsen, Robert Tappan Morris.

      • by Bob9113 ( 14996 )

        Jonathan James, Adrian Lam, Kevin Mitnick, Kevin Poulsen, Robert Tappan Morris.

        Those guys should be on the cyber-warfighting committee. And should play war games against the cybersecurity team.

  • For something like this, I honestly don't like the idea of having one person behind it. What happens if he's murdered? I mean, if a group of professions honestly want to hack the U.S.... the poor son of a bitch who is the "Cyber Czar" is going to take a hit. Rather physical, such as being sniped or just having his shit hacked... he will be knocked out of the way.
  • For this job you need someone who has political savvy and can indeed show leadership coupled with diplomacy - and on top of that he needs to have at least a degree of technical competence to ensure someone isn't telling him lots of guff.

    If I wasn't non US I'd be interested as I've done this a few times before. I built the fundamentals on a large government work when nobody was interested in collaboration, and I did international interoperability where the group I worked with was talked with making it happe

  • ...Leo Laporte!

    He'll show them crackers what for!

  • Why to have a cybersecurity Czar? Better have a real one. The American Czar will establish an Empire, and it's a kewl thing. People think that a Czar is Undemocratic, but when you have a Czar it's he who would decide what is Democratic. In America, every Citizen would have a right to be the Czar, but the only Czar would be Obama, because it's Democratic.
  • If the job wasn't limited to security, I'd say Wozniak.

    If the job is limited to security, all they'll need is an ineffectual mid-grade bulletstopper. This will make it a true government operation. Same as it ever was and all that.

  • by stanjam ( 1057588 ) *
    I'll do it, no problems.

Never test for an error condition you don't know how to handle. -- Steinbach

Working...