Cyber practitioners have long wondered when this would happen. Now it has. The President of the United States has finally realized that the threat from malicious actors in cyberspace has grown so significant that it bears mentioning in the State of the Union Address.

In his January 24, 2012 State of the Union Address President Obama, while talking about America’s military strength, said:

“To stay one step ahead of our adversaries, I have already sent this Congress legislation that will secure our country from the growing danger of cyber-threats.”

It might be that I’m attaching more significance to this mention that it deserves. But many of us have wondered or decades why cyber threats have not warranted this level of attention. The threat of cyber attacks is significant, and the theft of intellectual property (which has an impact on the economy and jobs), is unrelenting.

It was good hearing this reference to the cyber threat in the State of the Union. I don’t mean to say I’m glad there are threats! I mean to underscore that more awareness of cyber threats is a good thing.

I wonder if my friends Howard Schmidt or Sameer Bhalotra had anything to do with this? Since they led coordination on the issues in the legislative package sent to Congress, I bet they did.

You may also like -

The Cyber Power IndexCTO Perspectives on Cyber Security BillThe FedCyber.com Cyber Security SummitPNNL Seeks Chief Cyber Security Research ScientistContinued Evolution of DoD Cyber PolicyCybersecurity Receives Emphasis In State Of The Union AddressCrucialPointLLCFurthering the Field: A Comprehensive Program for Cyber Conflict StudiesDevost.NetPlanning continues for the FedCyber.com Government-Industry Computer Security ...CTOvision.comInsider Negligence, Sophisticated Attacks Worry Federal IT Managers: SurveyCrucialPointLLCFedCyber.com Cybersecurity Summit on Wednesday, September 28CTOvision.com

John Dodge (@thedodgeretort) and Bob Gourley (@bobgourley) review the Enterprise CIO Forum’s (@ECIOForum) top 10 Cloud Security Tweets of the week in the following podcast. Tweets selected by John included:

1. zdnet: Will cloud security ever be sufficient? http://t.co/vLJjhFAY
2. cloudsa: (ISC)² and The Cloud Security Alliance Expand Cloud Security Offerings to their Memberships… http://t.co/c80DntRK
3. chrispirillo: How secure is the cloud? Which services do you think are the most secure? http://t.co/g6DCjXYD #cloud
4. joebaguley: Cloud security? Everyone should see this before they have a discussion about it - http://t.co/GL16o8PL
5. cloudsa: Cloud Providers? Enter your company into the Cloud Security Alliance STAR Registry - http://t.co/cAxDPU5j 
6. techvcnews: 5 cloud security companies to watch http://t.co/1dGCiOcd 
7. thecloudnetwork: US Lawmakers Question Cloud Security: A rush by President Barack Obama’s administration to mov… http://t.co/gfJ4xLEJ
8. @kriggins: “The Cloud Security Rules” book several of us contributed to now available on Amazon: http://t.co/cmk8anLb Kindle coming soon 
9. teksquisite: Public cloud security remains MISSION IMPOSSIBLE http://t.co/fs6TbY8q 
10. thecloudnetwork: 8 Ways to Become a Cloud Security Expert: Check out these tips for staying up-to-date and info… http://t.co/UbB9jI59 #cloud#news #TCN

You may also like -

New Enterprise CIO Forum Blog Talk RadioLatest DodgeRetort - GAO: Federal CIO's need to focus more on information man ...Special Summary: Enterprise security storiesMyths and realities of cloud securityThe Cloud and CybersecurityLatest DodgeRetort – GAO: Federal CIO’s need to focus more on information man ...CrucialPointLLCWhat you’re missing at CES 2012Bob GourleyLearn how to get ready for the FDCCI with Bob Gourley and Carahsoft (Webinar)CrucialPointLLCLearn Lessons On The FDCCI with Bob Gourley and Carahsoft (Webinar)CrucialPointLLCJoin Cloudera and Carahsoft for Big Data Success in GovernmentBob Gourley

I’ve previously written about some of the challenges of IT support in the national security space. Leaders have to balance competing mandates of mission support and security and have to do that in an environment constrained by resource limits and slowed by layers of oversight. One of the most challenging positions in the national security space is the CIO job at the Office of the Director of National Intelligence. This position is complicated because it is mandated to drive change over organizations where budgets and missions are frequently under competing pressures. It takes really savvy professionals to make a positive difference in this environment.

One of my favorite IT leaders just departed after an incredibly successful stint there. Priscilla Gutherie held this appointed position during a time of incredible chaos and she brought sanity and created an environment of continuous improvement. Priscilla is a leader with class and an ability to hold knowledge of huge enterprise architectures in her head. I think that comes from her experiences as a program manager and VP at TRW and her system engineering experience, but part of it is just because she is smart. Many of us were concerned when her tour at ODNI was up since we need mission focused thinkers like her in positions like the ODNI CIO. Little did I know, but the person the President named to fill her shoes would be Al Tarasiuk, a person who’s career has demonstrated, again and again, an ability to focus IT on mission needs to get things done (I’ve previously written about Al here: http://ctovision.com/2008/08/cia-it-leaders-are-world-class-it-leaders ).

Thanks Priscilla, on behalf of all of us who know what you did.

And thanks to you Al, for accepting the challenge of a position few others could tackle. We all wish you the best of luck as you address this very dynamic/challenging position.

Below is the text from the ODNI press release:

FOR IMMEDIATE RELEASE ODNI News Release No. 5-11
February 16, 2011

From: http://www.dni.gov/press_releases/20110216_release.pdf

PRESIDENT OBAMA TO APPOINT NEW CHIEF INFORMATION OFFICER
OF THE INTELLIGENCE COMMUNITY

President Barack Obama announced today his intention to appoint former CIA Chief Information Officer Al Tarasiuk as the chief information officer of the Intelligence Community.

“Al is well known for his leadership in information sharing and intelligence integration, and his experience, distinguished career and dedication to duty will greatly benefit the entire Intelligence Community,” said Director of National Intelligence James R. Clapper.

Tarasiuk served as CIA’s CIO from 2005 to 2010, and was director of the CIA’s Information Service Center prior to that.

He holds a bachelor’s degree in electrical engineering from the New Jersey Institute of Technology and a Master of Science from The George Washington University.

The CIO’s office is responsible for establishing common information technology standards across the Intelligence Community and for directing and managing all IT related procurement for the IC. The CIO is also tasked with developing IT architecture to support information sharing policies and objectives throughout the Intelligence Community.

==========================

Here is Al’s bio, from http://www.afceadc.org/events/bios-presentations/bio-al-tarasiuk/

Chief Information Officer
Central Intelligence Agency

Al Tarasiuk was appointed the Chief Information Officer of the Central Intelligence Agency on 1 October 2005.  His responsibilities span CIA’s global IT enterprise.  Before becoming CIO, Mr. Tarasiuk was the director of CIA’s Information Services Center.  In this role, he had responsibility for development, deployment and operational support of the CIA global information technology infrastructure.  Mr. Tarasiuk reports directly to the Director of the Central Intelligence Agency and is a member of the CIA Corporate Board.

Mr. Tarasiuk began his career in the federal government in 1986 as an electrical engineer developing and implementing RF systems.  He advanced quickly as a technical manager, program manager, and senior executive, serving in roles of increasing responsibilities and providing strong leadership, vision and delivering strategic IT solutions.

Mr. Tarasiuk holds an undergraduate degree in electrical engineering from the New Jersey Institute of Technology and a M.S. in Engineering Management from the George Washington University.

Related articles

• CIA CIO To Head IT For Intelligence Community (informationweek.com)
• In-Q-Tel Technologies/Capabilities Highlighted (ctovision.com)
• Cloudera Secures Investment and Technology Development Agreement From IQT to Support U.S. Intelligence Community (ctolabs.com)
• Endeca Government Summit: Important context on a key mission area (ctovision.com)

You may also like -

A few minutes with Justice's CIO, Vance HitchCalling All Federal Cybersecurity Practitioners: Contribute ideas and actions ...Is the Instant-On Enterprise Right for You?FBI CIO Chad Fulgham: Delivering Real CapabilityPrediction: BlueCat Networks is one you should watchLatest DodgeRetort – GAO: Federal CIO’s need to focus more on information man ...CrucialPointLLCRegister for 16 Dec webinar on what the CIO needs to know about developing se ...CrucialPointLLCNew Enterprise CIO Forum Blog Talk RadioCrucialPointLLCSINET Showcase 27 October 2010CTOvision.com2010 DoDIIS Worldwide ConferenceCTOvision.com

With this note I want to provide a three excerpts from writings of one of our nation’s greatest cyber strategists, Melissa Hathaway.

Melissa has been involved in national security issues at the highest levels of government and is known globally as a cyber thought leader for good reason.  Her actions and vision for continued progress in the cyber domain are compelling.  The work she did on the Comprehensive National Cyber Initiative (CNCI) is still regarded as a critically important plank in our nation’s attempt to secure cyberspace. And the framework and coordinating actions conducted as part of President Obama’s 60-day Cyberspace Policy Review provided a roadmap many of us believe holds great promise for addressing key national challenges.

Melissa continues to help move the ball forward on this very dynamic playing field.  Below I have pulled key sections of some of her writings that underscore her views.  A list of more of her writings are provided at the end of this post.

From the October 2009 Information Security Magazine Security 7 Award:

“Our reliance on the conveniences of remote access, and the ability of our networked control systems to reduce costs and manpower needs, have led to weaknesses that are being exploited daily by our opponents. Our nation needs a safe Internet and we must take prompt actions to protect cyberspace for our current and future needs. I believe that our nation is at a strategic crossroad; that it is late in addressing this critical national need, and our response must be focused, aggressive, and well-resourced. We must work to understand the full extent of the vulnerabilities and interdependencies of this information and communications infrastructure, and work to increase its protections and resiliency across all of the sectors of government, military and commercial dependency that we have created.

Our government must take bold steps to operationalize a partnership with industry. We need greater information sharing between the government and private sector on what is being targeted, and how, and why it is important to protect ourselves (personally, professionally, corporately, and nationally). As more of our nation’s networks are compromised and more corporate, proprietary data is stolen, America will continue to lose market advantage and begin to be deliberately displaced by our opponents.

Our opponents are targeting our multinational and private corporations on at least three fronts: (1) through industrial espionage, they target corporate intellectual property and other proprietary data; (2) they attack other targets as mechanisms to reach yet other targets, sometimes through supply chains and sometimes to target relationships; and (3) they target corporate infrastructure, by infecting networks or otherwise creating a persistent presence, as a means to allow for future targeting on either, or both, of the first two fronts.

Our government cannot develop a strategy independent of private sector insight and cooperation. Our nation will need the private sector and its services and capabilities to find these attack profiles, inform the government of them and develop the solutions to resolve them. Our government needs to cultivate a public-private partnership and action plan that identifies the requirements for the future architecture, hardware, software and services that enable security and resilience. I believe that the private sector is ready to work with government on these efforts, and in order to take advantage of this opportunity, the government must actively engage the private sector and set aggressive milestones toward achieving common goals.”

From the May 2010 Washington Post article “The cybersecurity changes we need”:

“The news is filled with scary stories about the insecurity of the computer and telecommunication systems on which our nation’s prosperity depends: malicious software planted in electricity-grid computers; rampant state-sponsored and criminal cyber-espionage and theft; and the possibility of cyberattacks on banking and transportation systems. Exactly one year ago, President Obama declared our “digital infrastructure” to be a “national security asset” and pledged to make it “secure, trustworthy and resilient.”

His administration has made little progress toward this goal, however, largely because cybersecurity is seen as a tax on short-term economic growth.

Digital progress brings many benefits, but our ever-deeper dependence on ever more complex computer systems also brings excessive security vulnerabilities. The sources of these vulnerabilities include software with too many bugs; the use of commercial off-the-shelf software produced in a global supply chain in which malicious code can be embedded by stealth; inadequate cooperation about security threats and effective security practices among firms and between firms and government; and computer malfeasance by botnets (large clusters of zombie computers, controlled by third parties, that can be used for cyberattacks).

Well more than a dozen executive branch and National Research Council reports over the past two decades attest to the fact that the government has long known about these and other causes of cyber-insecurity. But it has failed to take adequate steps to fix them because doing so is seen as a drag on innovation and profits.

Imposing liability on manufacturers will increase software prices for consumers and slow software development. So too will demands for supply chain vigilance. Mandating information-sharing is expensive and might jeopardize some corporate secrets. Clamping down on botnets will make Internet access slower and more expensive.”

From the 5 October 2010 “Power Hackers:  The US Smart Grid Is Shaping Up to Be Dangerously Insecure” in Scientific American:

This article provides context and a fact-based assessments on the cyber security posture of the coming “smart grid.”  A key assessment worth noting: the current envisaged smart grid is “a dangerously dumb idea.”  Why?:

“The problem is cybersecurity. Achieving greater efficiency and control requires hooking almost every aspect of the electricity grid up to the Internet—from the smart meter that will go into each home to the power transmission lines them selves. Connecting what are now isolated systems to the Internet will make it possible to gain access to remote sites through the use of modems, wireless networks, and both private and public networks. And yet little is being done to make it all secure.

The grid is already more open to cyberattacks than it was just a few years ago. The federal government has catalogued tens of thousands of reported vulnerabilities in the 200,000-plus miles of high-voltage transmission lines, thousands of generationplants and millions of digital controls. Utilities and private power firms have failed to install patches in security software against malware threats. Information about vendors, user names and passwords has gone unsecured. Logon information is sometimes unencrypted. Some crucial systems allow unlimited entry attempts from outside.

As the power industry continues to invest in information tech nology, these vulnerabilities will only get worse. Smart meters with designated public IP addresses may be susceptible to denial of service attacks, in which the devices are overwhelmed with spurious requests—the same kind of attacks now made on Web sites. Such an attack could result in loss of communication between the utility and meters—and the subsequent denial of power to your home or business.

The smart grid would also provide hackers with a potential source of private information to steal. Just as they use phishing attacks to elicit passwords, credit-card numbers and other data stored on home computers, hackers could find ways of intercepting customer data from smart meters. A sophisticated burglar might use these data to figure out when you’re away on vacation, the better to rob your house.”

Some Concluding Thoughts:

The three excepts above build arguments for:

• Enhanced awareness of the threat
• Goals of enhanced resiliency and also information protection are critical
• The government can play a lead role, but must coordinate and cooperate with industry, academia and citizens
• The administration’s slowdown in addressing cyber challenges may be due to views that security comes with too much cost (arguments can be made that if done right this saves jobs, more on that in coming posts).
• The vision for smart power grids has many positive objectives.  But failure to design security in at the beginning will make this a foolish idea.  Security must always be considered at the beginning of a project.

I’ve heard from Melissa that she plans on continuing to write, and I look forward to future articles.  I would also recommend you take a look at more of her writings.  A list is provided below:

Find more at:

• http://belfercenter.ksg.harvard.edu/experts/2132/melissa_hathaway.html
• http://media.techtarget.com/searchSecurity/downloads/F_1009_ISM_eM.pdf
• http://www.washingtontimes.com/news/2009/nov/25/a-safe-harbor-for-our-foes/
• http://blog.executivebiz.com/five-myths-about-cybersecurity/6102
• http://www.thenewnewinternet.com/2010/05/07/why-successful-partnerships-are-critical-for-promoting-cybersecurity/
• http://belfercenter.org/publication/20133/cybersecurity.html
• http://www.washingtonpost.com/wp-dyn/content/article/2010/05/28/AR2010052803698.html
• http://www.govinfosecurity.com/articles.php?art_id=2627
• http://www.govconexec.com/2010/06/13/your-organizations-it-security-reflects-on-you/
• http://www.federalnewsradio.com/?nid=17&sid=2042610
• http://www.scientificamerican.com/article.cfm?id=power-hackers

You may also like -

I Haven't Trusted My Toaster for 15 YearsIntelligence Community Executive Forum on Cyber OperationsThe most well thought out research agenda for cyber security I have seen to dateA First For The Nation: NERC Completes First Grid Security ExerciseCrucialPointLLC

I have a thesis I would like to try on you.

In the IT world, like in many other human endeavors, the things that get measured get improved. And the things that don’t get measured are easy to ignore.  So, when the world’s largest IT enterprise (the US federal government) starts measuring IT differently we need to take note.

Specifically the feds will be improving the measurement of energy efficiencies of IT.  This will be done to meet goals mandated by an executive order that President Obama signed on 5 October 2009 titled “FEDERAL LEADERSHIP IN ENVIRONMENTAL, ENERGY, AND ECONOMIC PERFORMANCE”.

See: http://www.whitehouse.gov/the_press_office/President-Obama-signs-an-Executive-Order-Focused-on-Federal-Leadership-in-Environmental-Energy-and-Economic-Performance

Agencies will no longer be able to ignore the cost of energy for their IT.  The Federal Government will be required to lead by example in IT efficiency.  Agencies are required to promote electronics stewardship, acquire energy efficient IT, enable IT power management, and implement best management practices for energy-efficient management of servers and Federal data centers.

What is the “so-what” here?

In most cases in the federal government, the agency CIO does not have to share in the energy bill. The CIO gets energy for free.  So energy costs have never been a driver in CIO decisions.  Now, even if CIOs do not have to pay for energy, they are going to be measured by energy efficiencies.  This will give them more reason to modernize.   By selecting newer multi-core servers and newer storage devices (like Solid State Disk (SSD)), dramatic energy efficiencies can be gained in ways that also dramatically increase performance.  They will also be encouraged to virtualize more, and will also be encouraged to build in more collaborative technologies that let humans interact across great distances.  All this will increase performance.

So now we get to the “so-what” of my thesis.  Saving energy in IT requires modernization.  And modernization also improves performance.  So we all win! We save energy, reduce pollution, and improve IT performance!

Do you buy that thesis?

You may also like -

Google Engineering and Insights Into Human NatureIf You Could Pick One Thing For Congress To Do Regarding CyberSecurity, What ...Big Data and the Enterprise CIOCrucialPointLLCThe Evolving Enterprise Threat EnvironmentCrucialPointLLC

For your viewing pleasure I provide below ten “must see” videos I recommend to any enterprise-class Chief Technology Officer (CTO) and Chief Information Officer (CIO). Each presents information we should all be thinking through regarding the future of IT and each can add value to your strategic planning. Your comments/suggestions/thoughts on this list would be most appreciated.

The Top Ten CTO Videos from CTOvision.com

Game Changing Wearable Tech from MIT: How much of your enterprise data will you expose this way? How will you secure it? How will you authenticate users of this device? These questions all come to mind with this video.  The video also underscores the importance of connectivity to the grid.

What is Cloud Computing: Get the views of several informed thinkers on this still dynamic topic.

Inside the Obama Tech Transition: Technology, Innovation and Government. Important background for all technologists.

This is humor but there are lessons here every enterprise CIO will resonate with: Will your users ever be “happy?”

GameSpot: Think of this and what it means for Thin Client power.

Inside a Google Data Center: This was once secret territory.

Rackable’s CloudRack: Very flexible and power-saving.  This is just one approach, there are many others.

Clay Shirky on “Here Comes Everybody”: Your users are going to be so empowered it will change your business.

Microsoft data center containers: An idea from Sun now being used everywhere.

Google Wave Developer Preview: If you could design the Internet over, what would you do?

I actually had a very very hard time picking the top ten.  I have a bout 20 others I’m evaluating now and as we tire of the ones above I’ll move more into the top of the list.  Some I know need to be watched by many include these fantastic recaps by Dion Hinchcliffe:

And this one of Dion on Web2.0 maturing:

You may also like -

Changes to the Tech LandscapeLearn how to get ready for the FDCCI with Bob Gourley and Carahsoft (Webinar)2010 DoDIIS Worldwide ConferenceZafeSoft Information Security and ControlIntelligence Community Executive Forum on Cyber OperationsFedCyber.com Cybersecurity Summit on Wednesday, September 28CrucialPointLLCCTOs: Provide your inputs on how the government will implement cloud computin ...CTOvision.comNew Enterprise CIO Forum Blog Talk RadioCrucialPointLLCBig Data Highlights from McKinsey: Personal Location DataCrucialPointLLCFixmo Announces Advisory Board, Adds to Board of DirectorsCrucialPointLLC

The last 12 months has seen a significant amount of progress in our nation’s awareness of cyber threats and in our collective actions to address the security of our IT systems.  However, a huge amount of work remains to be done.

In a cyber context, the situation is a little like the one Winston Churchill described when he said: “This is not the end.  It is not even the beginning of the end.  But it is, perhaps, the end of the beginning.” We in the cyber world have taken some serious blows, and we are shoring up our defenses.  But there is a long long way to go before our objectives are met.

With this post I want to provide a snapshot of some of the progress of late.

1) CNCI: The Comprehensive National Cybersecurity Initiative provided a kickstart to many elements of the federal enterprise and facilitated coordination action by multiple agencies.  It was also an important evolution for Congress.  The changes to the federal budget and the intentions of agencies was very positive.  It is my opinion that the CNCI made a lasting positive difference in reducing unauthorized access into the federal enterprise and in enhancing resiliency of our systems. For more info see:

• CNCI reporting at CTOvision.com

2) The CSIS report and related actions/studies: This 8 Dec 2008 report is the result of hard work and collective study by some of the best brains in the cyber security world.  Commissioners on the study are a who’s-who of security and the quality of this report is a direct reflection of this fact.  The report offers recommendations on multiple hard areas and should be referenced by anyone making decisions in the IT arena.  A recent related development is the posting by SANS of the Common Audit Guidelines.  This is a fantastic step towards providing guidelines to enhancing security and functionality. For more info see:

• CTOs, Global Cyberwar and our Collective Future
• Enhancing Security and Functionality at the Same Time

3) GAO Reports: Never in my life have I been so pleased with the quality of GAO reporting.  They have been doing fantastic work pulling together information on a wide range of technology issues.  Key among them is reporting on cyber security.  For example, the 10 March 2009 report on “National Cybersecurity Strategy.” This report captures a statement by David Powner, Director of Information Technology Management Issues for GAO. The report recommends twelve key strategy improvements needed now, most of which are in total consonance with the CSIS report. For more info see:

• “National Cybersecurity Strategy“

4) The Obama Administration Review: Being true to promises during the campaign, the Obama administration began a review of cyber in a way that is open and is proactively seeking out inputs from all quarters.   Great work in liaison with industry, academia and internal in the federal government is underway.   This type of liaison has immediate benefit in building bridges with large teams of people who need to work well together to engineer enduring solutions, so it has already delivered benefits. For more info see:

• White House Conducting Review of Cyber

The four topics above are all things that are translating to real action to improve the security posture of both the federal IT enterprise and the critical infrastructures of the nation.  In my opinion, great progress is being made.

But now is not the time to rest on our laurels.  The battle has just begun.

You may also like -

The most well thought out research agenda for cyber security I have seen to datePresident Mentions Cyber-Threats in State of the Union AddressCNO Part 2: Computer Network DefenseMature Models for Healthy and Resilient Cyber SystemsPNNL Seeks Chief Cyber Security Research ScientistSurvey says: Security risks never higher, or more costlyCrucialPointLLCEvolving Approaches to Cyber ThreatsBob GourleyIf You Could Pick One Thing For Congress To Do Regarding CyberSecurity, What ...CrucialPointLLCMelissa Hathaway: Compelling action along a broad frontCTOvision.comContinued Evolution of DoD Cyber PolicyCTOvision.com

Followers of the cyber initiative and its related work have been strongly encouraged by the kickoff of a 60 day study tasked by the White House and led by Melissa Hathaway.  Melissa was named by President Obama to conduct this review.   As has been reported here in previous posts Melissa is one of the most effective, efficient senior executives in public service, and I have no doubt she will execute this task in a way that benefits the nation.

As an update, the White House blog posted an entry on this study today.  It reads as follows:

White House Blog
Monday, March 2nd, 2009 at 11:14 am
Cyber review underway

John Brennan, Assistant to the President for Homeland Security and Counterterrorism, passed along this update about the ongoing review of our nation’s communications and information infrastructure.

In response to President Obama’s direction, the National Security Council and Homeland Security Council are presently conducting a 60-day review of the plans, programs, and activities underway throughout the government that address our communications and information infrastructure (i.e., cyberspace). The purpose of the review is to develop a strategic framework to ensure that our initiatives in this area are appropriately integrated, resourced and coordinated both within the Executive Branch and with Congress and the private sector.

Our nation’s security and economic prosperity depend on the security, stability, and integrity of communications and information infrastructure that are largely privately-owned and globally-operated. Safeguarding these important interests will require balanced decision making that integrates and harmonizes our national and economic security objectives with enduring respect for the rule of law. Guided by this principle, the review will build upon existing policies and structures to formulate a new vision for a national public-private partnership and an action plan to:
enhance economic prosperity and facilitate market leadership for the U.S. information and communications industry; deter, prevent, detect, defend against, respond to, and remediate disruptions and damage to U.S. communications and information infrastructure; ensure U.S. capabilities to operate in cyberspace in support of national goals; and safeguard the privacy rights and civil liberties of our citizens.

The review will be completed by the end of April 2009. At that time, the review team will present its recommendations to the President regarding an optimal White House organizational construct to address issues related to U.S. and global information and communications infrastructure and capabilities. The recommendations also will include an action plan on identifying and prioritizing further work in this area.

Learn more about the administration’s Homeland Security priorities.

UNQUOTE

The fact of this White House blog entry is a huge signal that something has changed.  Openness on this topic was unthinkable just months ago.  We have also seen more direct work with industry groups on cyber, another positive step.

There is a great deal of work to be done in a very short amount of time.  What ever the result of this review is I’m sure it will be first rate and I’m ready to support it fully.  It is not often that I endorse something before it is done, but in this case I think it is the right thing to do.   There are too many bad things happening because of poor security, and too much of the economy is hurting because of it.

You may also like -

CTO Perspectives on Cyber Security BillFedCyber.com Cybersecurity Summit on Wednesday, September 28Interested in Cyber Security? Read (and support) the new Cybersecurity Legisl ...Debrief from The White House Forum on IT Management ReformThe U.S. International Strategy for CyberspaceDeputy cyber coordinator leaving the White HouseCrucialPointLLCWhite House grading agency cyber progressCrucialPointLLCTurnover in DHS cyber office continues, Nicole Dean leavingBob GourleyFurthering the Field: A Comprehensive Program for Cyber Conflict StudiesDevost.NetDept. of Energy developing project to reinforce grid cybersecurityCrucialPointLLC

[amtap book:isbn=1934840807]
The world does not change in discrete, binary steps.  There is a great deal of continuity from the past to the present and on to the future.  But many of us sense things are different in the world today.   Technology is changing every life and every business, economic megatrends are producing changes, war and conflict and terrorism inject uncertainty, and the entire dynamic of human events is moving faster and faster.

On top of that, a new U.S. administration led by a new President has just assumed executive power in the U.S.  This is clearly a time for us all to take stock.

I was privileged to have been asked by Michael Tanji to contribute to a book he edited on topics relevant to this new dynamic called “Threats In The Age of Obama.”  This compilation consists of a survey of the new national security threat landscape by Tanji and then examinations of a wide swath of threats captured by national security experts.

Topics and Contributors include:

• The Threat Landscape, Michael Tanji
• The Tangled Relationship Between Organized Crime,
  Terrorism and Proliferation, Christopher A. Corpora, Ph.D
• The Terrorism Meme–Looking Beyond the Current Threat,
  Matthew G. Devost
• Crazy as a Fox, Adrian Martin
• Infectious Diseases, Foreign Militaries, and US National
  Security, Christopher Albon
• Pakistan as a Nuclear Risk, Steve Schippert
• Nuclear Nonproliferation in the 21st Century, Cheryl Rofer and Molly Cernicek
• Into the Complex Terrain, Tim Stevens
• Simulated “Black Swans”: National Security, Perception
  Operations, and the Expansion of the Infosphere,
  Adam Elkus
• An Outbreak of Peace and Democracy, Daniel H. Abbott
• Ideas and Strategies for a More Secure Future, Michael Tanji
• Preparing One’s Mind to See, Art Hutchinson
• The Issues of Non-State Actors and the Nation State, Samuel P. Liles
• The Future of Missile Defense Policy, Tom Karako
• Toward a Contemporary Deterrence Strategy, Carolyn Leddy
• An Information Age Strategy for Government Information Technology, Mathew Burton
• The Future of Cyberspace Security: The Law of the Rodeo,
  Bob Gourley
• Security Evolution, Gunnar Peterson
• Arming for the Second War of Ideas, Matt Armstrong
• Blurring the Lines Between War and Peace, Shane Deichman
• Reconfiguring the National Security Architecture, Shlok Vaidya
• A Grand Strategy for a Networked Civilization, Mark Safranski

Most of these authors are wired web2.0 experts who are well published in new media and reachable by any who seek to interact on these very important topics (see contact info below).   My recommendation: Read the book and scrutinize it.  If you find any aspect you take issue with, seek out the section’s author and engage them in the intellectual interaction required to drive a greater understanding of these many issues. We also plan several events where the contributors will sit on panels and take questions and interact.

Whatever your method, please find ways to contribute to the dialog. Your contributions can significantly enhance our nation’s ability to succeed in our responses to the many threats of this age.

Please check out the book here: “Threats In The Age of Obama.”

Contributing authors include, in alphabetical order, Dan tdaxp, Christopher Albon, Matt Armstrong, Matthew Burton, Molly Cernicek, Christopher Corpora, Shane Deichman, Adam Elkus, Matt Devost, Bob Gourley, Art Hutchinson, Tom Karako, Carolyn Leddy, Samuel Liles, Adrian Martin, Gunnar Peterson, Cheryl Rofer, Mark Safranski, Steve Schippert, Tim Stevens, and Shlok Vaidya. And of course, editor and contributor, Michael Tanji.

You may also like -

President Mentions Cyber-Threats in State of the Union AddressInterested in Cyber Security? Read (and support) the new Cybersecurity Legisl ...Enhancing Functionality and Security of your Enterprise with vProIntelligently Adapt with CloudShieldIf you research asymmetric war, use the NCTC WITS systemObama officials, senators agree to seek cyber dealCrucialPointLLCWarrants Needed for GPS Monitoring, Supreme Court RulesCrucialPointLLCObama Fortifies Efforts To Protect Critical InfrastructureCrucialPointLLCWilliam J. Lynn: The Pentagon’s Cyber Strategy, One Year LaterCrucialPointLLCU.S. Military Chief: “We’re under constant attack every day”CrucialPointLLC