Cyberwar Vs. Cybercrime
Assessing the Feds' Priorities in Battling the Bad Guys
The greater threat to IT security isn't from a cyberwar initiated from abroad but from criminals. That's what I inferred from one of the top minds in IT security, Eugene "Spaf" Spafford, the Purdue University computer science professor who serves as executive director of the school's Center for Education and Research in Information Assurance and Security.
I sought Spaf's insight when researching a blog, Why NSA Should Be Trusted, posted before I went on vacation a few weeks back. I got his e-mailed response upon my return last week. The blog explored placing IT security analysts from the National Security Agency, the electronic spy agency run by the Defense Department, within the Department of Homeland Security to secure civilian IT systems.
Spaf saw the significance of the NSA-DHS memorandum of agreement as furnishing DoD resources to help Homeland Security battle threats to U.S. law enforcement. In his e-mail message, he wrote:
"The problems we face are really criminal threats, not military. The government should be putting more resources into law enforcement rather than simply creating alliances. In the long term, we need strong law enforcement to address threats and this is not necessarily the way to get there."
Spaf questioned the government's cybersecurity priorities:
"Why aren't we seeing the investment and prioritization being made in law enforcement, first? Why is all the publicity, funding and prioritization being given to the military - with efforts such as the build-up of the military cyber command - when so much of the clear and present threat is from the criminal element and not from other nation-states?"
I don't have answers to Spaf's questions, but we shouldn't be surprised that from a real-world perspective, national defense trumps nearly all else. It's not that the government ignores law enforcement; it obviously doesn't. But, as a nation, we seemed not to have heeded the advice given nearly a half century ago by Dwight Eisenhower in his farewell speech as president:
"This conjunction of an immense military establishment and a large arms industry is new in the American experience. The total influence - economic, political, even spiritual - is felt in every city, every statehouse, every office of the federal government. We recognize the imperative need for this development. Yet, we must not fail to comprehend its grave implications. Our toil, resources and livelihood are all involved; so is the very structure of our society.
"In the councils of government, we must guard against the acquisition of unwarranted influence, whether sought or unsought, by the military-industrial complex. The potential for the disastrous rise of misplaced power exists and will persist."
When it comes to setting priorities, the virtual world mirrors real-world reality.
