How much cybersecurity is needed to prevent a cyber-Katrina?

(Originally written and posted at www.wikinomics.com)

I came across a great article over the weekend discussing the proposed Cybersecurity Act of 2009, currently in working draft status in Congress (as a sidenote, I was directed to it via the GovLoop daily “Sweet Tweets” blog, an excellent source of Gov 2.0 news for anyone interested in this space). You may have read about this bill last week; the preamble states that it’s designed to protect online commerce, both for the US and its partners, by developing a “cadre of [IT] specialists to improve and maintain effective cybersecurity defenses,” a proposal that I imagine most citizens would support.

The issue of cybersecurity is nothing new; you can read Obama and Biden’s homeland security agenda, and specifically their objectives for “protecting our information networks” right here. On a more interesting note, the issue of a Katrina-like disaster in cyberspace has been a topic of major interest over the past few months. In February, former Whitehouse cybersecurity official Paul Kurts addressed the lack of a ‘FEMA for the internet’. More recently, the online discourse surrounding cybersecurity has ramped up substantially, particularly following the anxiety over last week’s Conficker Worm. This only stengthened the push for an American cyberecurity czar, which according to US Senator Olympia Snowe (R-Maine), is an absolute necessity. In a statement released last week, Snowe (co-author of the new bill) argued that “if we fail to take swift action, we, regrettably, risk a cyber Katrina.”

The bill’s most striking proposal (Section 18, paragraph 2), and the central issue of the article I cited above, is that the new legislation would give the President emergency authority to halt web traffic, effectively shutting down the internet. Not surprisingly, this created something of an uproar among political bloggers over the weekend, many of whom took issue with this expansion of federal powers.

Much of the opposition to the bill falls among ideological lines; one blog reader commented that “he who would sacrifice liberty for security deserves neither,” rehashing a libertarian argument that long predates the internet.

Debates involving a liberty-security tradeoff are nothing new, nor is a generalized a lack of trust in federal government, both long-standing issues among Americans. On the flip side, the analogies to the disasters of 9/11 and Katrina are also largely disconnected from the issue at hand; these arguments have a tendency to bubble up every time a debate arises over the liberty-security tradeoff.

In my opinion, the ideological arguments that simply cite pre-internet cases and debates, both for and against the bill, do little to confront the issue at hand. The issues surrounding cybersecurity and cyberterrorism are very different than anything we’ve confronted in the past (contrary to most of the parallel arguments currently being made). I’ll be the first to admit that I don’t have a full grasp over the threats at hand. Whereas I feel well-read enough to comment over issues like journalism censorship or detainment of suspected terrorists, the issue of cybersecurity is one where I simply don’t know enough about the threats to make an informed opinion on the liberty-security tradeoff (even though I have been reading about it). Even the blogs and articles I’ve read have done little to convince me that these authors have much more understanding of the issue than I do.

Growing up with a very open and libertarian internet, I’m no fan of the notion that a federal government could shut it down. But then again, with the recent scares over Conficker (see Steve’s Skynet blogs), we may be entering a new age where more internet policing becomes a necessity, with governments needing more tools to limit damage in an emergency situation. The scale and scope of said tools is currently up for debate, and rightfully so. But that said, let’s try to focus the debate on the risks and needs that we’re now facing, and avoid referring solely to ideologies and analogies that pre-date the internet.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: