Register   Login
 Announcements Maximize
      
 Events Calendar Maximize
      
 The State of the dis-union Minimize
Location: BlogsPuget Sound Cyber Security    
Posted by: David.Matthews@Seattle.Gov 9/10/2007 9:16 PM

There has been a lot of talk lately about the fact that we have effectively lost the war against the cyber crooks. There are some who argue that we're just losing for now, but given enough time, vigilance and committment we can still make a come-back. There are others who insist that it's all over but the crying and we might as well scrap the entire Internet concept and try something new.

In between there are many flavors of opinion. Does this sound familiar to anyone else? Right now our nation is wrapped up in a civil war in Iraq. There are persistent rumors that we might be poised to attack Iran as well. Again, we have the one side saying, "stay the course" and we can eventually achieve our goals against the terrorist threat. While others, equally convincing and passionate, say we have already spent too many lives and far too much money and it is a lost cause. And once again, there are a myriad of opinions across the entire spectrum of thought.

I won't argue one way or another here, but since this is a blog and therefore opinions are encouraged, I will be honest and say that I come down on the end closer to the "left" if you will on both issues. I feel the cyber wars are certainly lost at this point and are unlikely to swing back into equilibrium as long as there is so much money to be made in cyber crime. I also hold little hope that we will ever manage to break the ancient cycle of tribal distrust and sectarian violence that has plagued the Middle East for all of history.

All of these conflicts have similarities on the more micro level with conflicts we see every day around us. Today, my boss told me he witnessed a man being attacked and viciously beaten on a downtown street. Every day women and children are abused in our neighborhoods. We fight with our partners and children often over ridiculous and meaningless things. Perhaps the bottom line is that as humans conflict is inherently a part of our nature.

I have read in spiritual treatises the thought that we bring confict into our lives in order to experience pain and suffering. Why would we choose to experience pain, or disseminate suffering to ourselves or others? Perhaps because we do not believe that we have enough and that we are taken care of, or that we can trust in goodness. Perhaps in the end it is because we live our lives in fear of want. Even here in the richest society on earth where we take it for granted that our water is clean and there will be food in the stores and gas for our cars and electricity for everything we need. Even here, we still live and act out of fear because we know it is all illusion and the house of cards could collapse at any time.

So we create conflict to test our assumptions, to test our alliances, to test our security. On a micro scale we do so in our homes and communities. On a macro scale we still build weapons of mass destruction that could end the entire human experience in a matter of moments.

I wonder if there might not be a way to end this cycle of fear. Maybe I'll speak to that next time.

 
Copyright ©2007 David Matthews
Permalink |  Trackback
Comments (1)  
Re: The State of the dis-union    By David.Matthews@Seattle.Gov on 9/12/2007 3:49 PM
This comment actually came from Ray Pompon. He had trouble posting it so I wanted to do so for him. Very good thoughts:

I don't think we've lost the war against cybercrime. Mostly because
"war" is a poor metaphor for what we're dealing with**. Will there be a
peace? A peace where there is no crime or hackers on the Internet?
Unlikely. Who exactly is the enemy? Criminals? Wars against an
abstract concept are about as useful as holding back the weather with
your outstretched palms. No, there is no war. Just parasites. And as
Cory Doctorow says, all healthy systems attract parasites. The fact
that we're finally using cyberspace for something useful means the
crooks will appear. It's our job to keep the parasite level down to
acceptable levels.

So now the question is: are we doing that? Well, for some
organizations that care enough to expend the resources, the answer is
yes. For other organizations, probably not. What I think we need is to
help those organizations that aren't at acceptable levels, get there.
And show them how to measure things and where to get the most bang for
their buck. That is something worth doing.

** And if you're talking about real cyber-war. Like nation-state
stuff. Well, my hands are tied. The cops won't let me engage in any
meaningful cyber-warfare, just like they wouldn't let me mount a Phalanx
CIWS on the roof my business. So it's pointless for me to discuss
fighting a cyber-war.
  
 PugetSoundCyberSecurity Blog Minimize
You must be logged in and have permission to create or edit a blog.
    
 PugetSoundCyberSecurity Blog Minimize
    
 PugetSoundCyberSecurity Blog Minimize
    
 
Puget Sound Alliance for Cyber Security (PSACS)
 
The Mission of the Puget Sound Alliance for Cyber Security (PSACS) is to improve and maximize the cyber resilience of the Puget Sound region by maximizing opportunities and communications between local, regional and federal organizations and enterprises. PSACS is seen as a catalyst for regional organizations to be better prepared for cyber events.
 
This Mission is accomplished by means of a roundtable format bringing the various cyber-centric organizations in the region together and using various means of information exchange, coordination and training through such means as:
 
  • Cyber Security and Infrastructure Security Resource Portal
  • Cyber Security Community
  • Best Practices Exchange
  • Joint Projects and Policy Analysis and Development Activities
  • Funding and Grant Reviews
  • Training and Education Coordination
  • Participation in Regional and State decision-making bodies (e.g. King County RHSS).
 
Under the umbrella of the Puget Sound Partnership for Infrastructure Security (PRIS) The ultimate purpose of PCACS is to ensure that the various organizations in the Puget Sound Region – as well as those international, federal, regional and local organizations that interface with the region – are provided information, tools, concepts and good practices to help them be better prepared for cyber incident defense and response.
 
Governance
 
PSACS seeks to avoid strict hierarchy and structure while creating an environment of trust for membership that facilitates sharing and relationship among IT security professionals. As such, the core membership under the presidency of co-chairs will form limited governance structure towards these goals.
 
 
PSACS Co-Chairs
 

Public Sector
David Matthews
Deputy CISO
City of Seattle
(206)233-2764
Private Sector
Jerry Cochran
Sr. Security Strategist
Microsoft
(425)706-4311
 
 
 Useful Links Maximize
      
Terms Of Use   Privacy Statement   PNWER