06.02.09
More Jaundice on Cybersecurity Policy
“Negative reactions are coming in to President Obama’s cybersecurity proposals,” writes a blog at PC Mag. “The reasons vary, but many are arguing that the proposals resemble earlier, less publicized efforts from the Bush administration, and that the proposed National Cybersecurity Coordinator will lack sufficient
authority.”
DD makes an appearance, again calling the story about unnamed cities in other countries being blacked out by cyberattack an urban legend. It was delivered by President Obama on Friday, and he presumably read it in the Cyberspace Policy Review, were it merits a footnote — citing a p.r. sheet issued by a computer security vendor.
The rule of thumb for such claims needs to be this, particulary when an ‘item’ is to be delivered by the President: Extraordinary claims require extraordinary and substantial evidence to back them up.
And the regular circular slogan during the days of WMD’s in Iraq: “Absence of proof does not mean proof of absence,” just doesn’t cut it.
A stake needs to be driven through this type of thing as it’s part-and-parcel of the regular slew of ghost stories which come with news about menaces from cyberspace. Its use functionally puts the Obama administration at a disadvantage, making it no better than previous administrations. Therefore, those who wrote the report, or insisted upon the item’s inclusion, need to be taken aside and put on a very short leash.
I’ve made this part of the discussion with reporters in the past week because these fact-free rumors get around only because the viewpoints of extremists have become the common currency in the national debate on cybersecurity.
When including such things in policy reports, by nature, they hinder careful and deliberative thought. And they distract from a discussion in which security is discussed in a sophisticated and nuanced matter, conflating it into one big grab-bag issue with the forbidding, even numbing, theme: The nation is at risk.
And “[where did Obama’s] $1 trillion dollar guesstimate come from?” asked Rob Rosenberger over the weekend.
“It’s been estimated that last year alone cyber criminals stole intellectual property from businesses worldwide worth up to $1 trillion,” said the president last Friday.
Answer: It came from a McAfee Associates press release. Really.