DorobekINSIDER: Is cybersecurity over-hyped?

I had the pleasure last night to attend the Intelligence Squared debate series — the first one held in Washington, DC. (Yes, it was a wonk-fest. After all...

I had the pleasure last night to attend the Intelligence Squared debate series — the first one held in Washington, DC. (Yes, it was a wonk-fest. After all, there were some other big events in DC last night. Washington Nationals pitching sensation Stephen Stassburg was proving worthy of all the hype over at the Washington Nationals ballpark… and James Taylor and Carole King were in DC for their tour. Moderator John Donvan from ABC News joked that people had to be really wonky to show up given the competing events.)

The packed house at the Newseum were treated to a fascinating debate focused on the “motion”: The cyber war threat has been grossly exaggerated.

Arguing in favor of that contention:
* Marc Rotenberg, executive director of the Electronic Privacy Information Center (EPIC)
* Bruce Schneier, the cryptographer, computer security specialist, and writer who is the founder and chief technology officer of BT Counterpane, formerly Counterpane Internet Security. He writes the popular Schneier on Security blog.

Arguing in opposition to that contention:

* Mike McConnell, former vice admiral in the Navy, the former director of the National Security Agency and the former Director of National Intelligence. He now works for Booz Allen Hamilton.
* Jonathan Zittrain, professor of Internet law at Harvard Law School and a faculty co-director of Harvard’s Berkman Center for Internet & Society. He writes the Future of the Internet blog and is on Twitter.

The debate started out by polling the audience asking us the question: The cyber war threat has been grossly exaggerated.
Initial results:
* Yes: 24 percent
* No: 54 percent
* Undecided: 22 percent

Before we offer more about the debate, how would you vote?

The debate actually focused on the question: Yes, there is a treat, but is it war?

The proponents of the arguement essentially made the point: Show me the war. Schneier said that the Internet has proven to be more resiliant then expected then anticipated or expected. While both he and Rotenberg acknowledged the threats, they argued that the “war” terminology is exaggerated… and dangerous.

“What you do with a threat of war is you call in the military, and you get military solutions,” Schneier said.

Rotenberg argued the militarization of the Internet is part of a long effort by the military and intelligence organizations to take the reins of the Internet — and he pointed to the infamous “clipper” chip from the 1990s, which would have given the government the keys to strong encryption. The argument: If something becomes a “war,” then other important issues — such as privacy — get shoved aside.

McConnell argued that the treats are very real, and, essentially, the country needs to understand how significant they are. And yes, there hasn’t been a “cyber Pearl Harbor,” but… during the Cold War, there were no nukes fired. The question is how you best prepare and defend these mission critical systems. He argues that society depends on trust and interdependency.

The cyber-war debate (Parente photo)

Zittrain said there is little argument that these are, in fact, hostel actors out there who are interested in attacking U.S. interests and livelihood. And he argued that these technologies are more fragile then we might believe.

The two sides even disagreed about the now infamous Russian, or believed to be Russian, cyber-attack on Georgia. Schneier argued that it amounted to a fancy denial of service attack and he scoffed arguing that is it really a war if you can’t go to the Department of Motor Vehicles? McConnell, however, argued that the Russian attack helped bring Georgia to its knees.

After the debate was done, the audience vote on the question: The cyber war threat has been grossly exaggerated.
Initial results:
* Yes: 23 percent
* No: 71 percent
* Undecided: 6 percent

A special thanks to Chris Parente, managing director at Strategic Communications, who invited me to the debate. Very much appreciated. Parente has posted his take of the event here.

Also read Fierce Government IT’s coverage.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.

    Stacy Bostjanick and Jennifer Henderson

    Risk and Compliance Exchange 2024: DoD’ Stacy Bostjanick, DCMA’s Jennifer Henderson on finding ‘any means possible’ to help small biz with CMMC

    Read more
    Amelia Brust/Federal News Networkcybersecurity

    How should software producers be held accountable for shoddy cybersecurity products?

    Read more