Ah, what a decade can do.
We are battered daily with dire warnings of a ‘cyber apocalypse’, Chicoms hacking Google and others, government (and more importantly, government contractor) networks pillaged and Kim Kardashian’s latest tweet foiled by sinister, nefarious forces. And naturally, the tech and information security industries stand by to do their patriotic duty, saving the American way of
glide towards poverty life. For billions, yes. But they will throw in a year’s free subscription to the anti-virus.
We used to represent most these of these companies at DoD, the White House, what later became DHS, DoJ/FBI, etc. How nostalgic to see the same songbook, updated with the latest 2010 patches. The
threat mongering technical advice given to Congress and across the Executive Branch only seems more dull compared to the 2002-2003 Runup because the marketers government services units haven’t come up with a compelling mushroom cloud Power Point. The self-interest and ‘fixing the case’ around the sales opportunity are not dissimilar.
Kudos then to veteran (and rotating) industry/government appointee Howard Schmidt, the Boy King’s Cyber Security Czar, as he throws cold water on all those clacking keyboards. Schmidt declares ‘there is no cyber war.’ And so were dashed hopes for bonuses in government sales business units across the board – at least for a few tweets. He’s right, of course. Schmidt’s tamp down is a rare restraint on the self-interested threat mongering of an industry that often escapes critical notice.
Externally, the challenges to the U.S. critical infrastructure are vastly more real and complex than when Dick Clarke had Schmidt’s job. Clarke’s brief turn as a Bush critic aside, he was about as whacked as Cheney back in the late 1990s, manically insisting we faced an *imminent* digital meltdown (Google was just getting started, cool webpages had jerky animated GIFs, and everyone was on dial-up). Wearing his gun as always for pure theater, like Cheney later, Clarke became fixated on a problem that just happened to be his bureaucratic raison d’etre. He also liked the gig. When Clinton promoted him to Counter Terrorism Czar, Clarke later resigned under Cher Condi and asked for his old digital catastrophe portfolio.
Back then, the embryonic, nascent information security industry was happy to help carry Clarke’s water. Major cpoints of contention remained, however, including mechanisms for ‘information sharing’ about network intrusions with the government. First, industry retained up to that point the now largely dissipated libertarian technological ethos. Second, competitive pressures were and are real – a leak could affect share price, etc. Privately, many people involved respected Clarke’s White House perch but thought he was a bit of a loon. (One of our old friends worked for Clarke as a White House Fellow and idiosyncratic is not an understatement).
One can’t be too harsh on Clarke specifically. Digital doom was in vogue everywhere. Y2K, planes falling out of the sky, dogs and cats lying down together, mass hysteria. Remember everyone went to their ‘command bunkers’ for that one? We were with a bunch of 100% Kool Aiders at the time, the kind that bought sleeping bags to the office News Year Eve to be ready to take command (or issue a press release) when The End came. We were kicked out of the Tribe for betting 0 significant incidents would happen. We had such a healthy chuckle the next morning seeing all the sheepish faces.
Today digital doom again is vogue. The U.S. military is actively developing doctrine for battle space dominance in cyberspace. It’s a huge institutional sea change from when the first netcentric warfare test beds were forward deployed for Operation Iraqi Adventure. Unlike Clarke’s time, the geo-strategic threat is tangible and the potential for substantial damage real. One disservice Clarke performed is that many remember his crying wolf.
Who can blame them? Industry and SES appointees are calling for Manhattan Project-level spending to preserve critical infrastructure protection. It’s a realizable industry gold rush. Industry sees the money thrown at Wall Street with no accountability. Tech appropriations still are less polarizing than other industrial sectors – and this Administration enjoys enveloping itself in the aura of digital savvy. Sure, total screw ups like Trilogy at FBI or NMCI will get some hearings. And Poindexter’s TIA got about 2 weeks of coverage before molting into a new guise.
Schmidt has an almost impossible job shepherding cats across so many departmental silos. And he has little real authority over the services or Community. Which is to say we will almost assuredly overspend here anyway. Still, nice to see Schmidt turn the volume down in public. He needs to do it more often and more assertively, although it’s not his comfort zone. He’s had the job before and we doubt he will make much difference this time, either. It’s not him – pick any of the others on the short list, Vint Cerf, etc. It’s a thankless job.
Still, Howard gets an attaboy. Keep trying.