WASHINGTON-“The cybersecurity threat is real. The vulnerabilities are extensive, and the time for action is now,” said Bob Dix, staff director of the House Government Reform information and technology policy subcommittee.
Thus started Monday night’s “Tech Talk: Cybersecurity: The Threat and Response” panel, sponsored by the National Press Club.
Dix said cybersecurity must be elevated to the highest levels of an organization. “Most people consider information security to be a technology issue.”
Richard Forno, a technology scholar, agreed, saying cybersecurity is mostly a people problem.
“The underlying basis for all of this is not hardware, it is not software. It is wetware. It is people. People develop, design, code, market, research, develop, procure, deploy, administer, attack, crack, legislate and prosecute information resources, so we have to attack the people problem, and by extension the technology problem will fall into place,” said Richard Forno, technology scholar.
Forno believes wireless systems may currently be less secure, but the same principles and skills used to tackle cybersecurity in the wired world are effective in the wireless world. He warned that customers should not fall prey to “wireless solutions.”
“Wireless may be a little less secure because there is no wire, but the methods of protecting information in a wireless environment are really no different than those you take in a wired environment. One of my main concerns is security measures that promote wireless security packages that do the exact same thing that you do in your home for the wired version,” said Forno.
Additionally, entities should not believe that just because wireless is currently popular and exciting that they must implement it, said Forno.
“Because wireless is all the rage, it doesn’t mean we have to have it everywhere in our networks. Just because it is new doesn’t mean we have to have it,” said Forno.
Cybersecurity is not a government problem, said Hun Kim, director of strategic initiatives of the National Cybersecurity Division of the Department of Homeland Security.
“Information technology security is not the Department of Homeland Security’s problem, it is everybody’s problem,” said Kim.
This brought a strong rebuke from Dix. “DHS has a role in this. The primary role of government is to protect the people. These systems sit there very vulnerable,” he said.
Dix said that although Rep. Adam Putnam (R-Fla.) is from an agricultural background, he is the youngest member of Congress-and the youngest ever to chair a subcommittee-and he understands the importance of technology. “There has never been a day in his life when technology was not present,” said Dix.
Putnam replaced Rep. Steve Horn (R-Calif.), who retired in 2002. Horn had instituted a federal government cybersecurity report card. Putnam has kept the practice, said Dix. In 2002, the federal government got an “F.” This increased to a “D” in 2003 with eight agencies still receiving failing grades, he said.
