Melissa Hathaway’s keynote address at the RSA Conference will be a timely one for the Obama Adminstration.
Hathaway is leading a review for the Obama Administration of the nation’s cyber security efforts. Her keynote address, announced today, will coincide with the end of a two-month review that is expected to lead to major changes in how cyber security is appropached by the federal government. Hathaway is expected to present to the president just before the start of RSA.
What a hot button issue for the RSA conference. Obama has signaled his moves to take away cyber security powers from the Office of Homeland Security. That’s a political game but the stakes for the IT community are even higher as the changes he wants to make may mean a far deeper relationship between government and industry.
Bruce Schneier uncovered an interview with Hathaway that gives a glimpse behind her thinking and what we can expect to hear from her at the RSA Conference. Read closely and it is clear her emphasis on the relationship between government and the commercial sector.
Something more to think about, the US Senate will see legislation that would give the president the ability to halt web traffic in case of national emergency. This will sure to be another discussion point that Hathaway will be asked about at the conference.
Hathaway’s discussion comes in the wake of a series of cyber attacks. Botnets, for example, are the issues of the day.
The worm did exactly what everyone thought it was going to do, which is update itself,” security expert Dan Kaminsky, who helped develop a widely-used Conficker scanner in the days leading up to April 1, told us. “The world wants there to be fireworks, or some Ebola-class, computers-exploding-all-over-the-world event or God knows what, but the reality is…the Conficker developers have cemented their ability to push updates through any fences the good guys have managed to build in February and March.”
There’s no smashing, here. Botnets are networks with their own botnet developers. IT managers will have to become more astute about understanding the botnet architecture and how a client is built. In this example, the focus is on showing malicious code and understanding how it works.
The scope of the cyber security effort is unknown but watching Obama and how he is working as president, it’s clear that there will be an effort to take a holistic approach.
Cyber security expert Melih Abdulhayoglu says the focus should be about taking away the ability of cyber criminals to take control of CPU power and connectivity:
Finally, here’s an op-ed by Hathaway that should give a bit more insight into her thinking last Fall, when she worked for the Bush administration.