reply to discussion post below hmls wk3

/in /by

Candis,

Cybersecurity fits within all aspects of our connected-CIKR sectors, however, I believe the key to understanding the cyber environment, and subsequently securing it both defensively and offensively, is to realize that the cyber universe does operate in a manner were our tired and true SIGINT, IMINT, MASINT or HUMIT means of intelligence gathering will be effective.

Cyber warfare is ‘fought’ with computers, machines; technology and our CIKR should be viewed from the standpoint of the actual systems that we use to connect us to the assets that are actually critical.

We are spending way too much money. First, we should shift our focus away from mainly investing in new technology to maintain and operate the network, to investing in new technology designed to analyze digital threats, which would then lend itself to threat forecasting, THEN, we could shift our posture to that of offense.

Last year, the Fed spent more than 80% of the budget for IT on Operations and Maintenance for our “aging legacy systems,” and only 20% percent on Development, Modernization, and Enhancement.

This ‘state’ of our Federal IT systems in these threat conditions significantly increases our exposure to risk in the cyber environment.

Federal legacy IT investments are simply obsolete yet many agencies are using outdated software languages and have hardware that’s not even manufactured anymore.

Some agencies are using systems and components at least 50 years old which is unacceptable.

Check this out; the DoD still use 8-inch floppy disks in a system that coordinates the operational functions of our nuclear forces. Floppy disks? Really? The Treasury Dep employs code initially used in the 50’s. The VA is using systems over 50 years old and the Social Security Administration is using 31-year-old software.

If our Gov would fund innovation, partner via Public Private Partnerships, which is an emerging area for new enterprises, or STEM projects at our Universities and laboratories, we could pivot from defense to offense and finally secure our network of CIKR.

I mean we helped fixed the ozone layer, which, by the way, is repairing itself; surely, we can create ‘cyber architecture’ that gathers and accurately analyzes threats, and design code that only recognizes and protects US Federal systems, and seeks and destroys alien attempts at intrusion?

I believe we can do anything in this country.