The Obama administration has sent a number of signals that it takes the information infrastructure of the nation seriously, having approved stimulus money for broadband and established a post for a national CTO. In parallel with these actions, the administration authorized a review of the national cybersecurity policy, and that review is now complete. Depending on how you read the resulting report, it concluded either that we don’t have a cybersecurity policy, or that we have too many of them; in either case, its authors have made a number of very specific suggestions as to how to improve the situation.
The report is fairly blunt, stating early on that “the architecture of the Nation’s digital infrastructure, based largely upon the Internet, is not secure or resilient.” As our network infrastructure has developed, the focus has been on things like performance, ease-of-use, and compatibility, and security consciousness was pretty low for much of its history. So, it’s not a surprise that both government and private computer systems have been victimized, and evidence suggests that both private parties and foreign governments have been behind these attacks.
Click here to read the rest of this article
Originally Syndicated via RSS from Ars Technica
