Because so much of this affects my industry, I'm going to focus on just a single issue regarding the cybersecurity bills that are presently before Congress. The sticking point - if a business enterprise encounters a cybersecurity threat, which government agency or agencies should be informed? Representative Mike McCaul, who crafted the version of the bill that designates the Department of Homeland Security as the receiving agency, said the following:
"We want DHS to be the lead civilian agency — not the FBI, who can prosecute you; not the NSA, who can spy on you."
Erin Kelly of USA Today explained the distinction between the agencies:
Specifically, coalition members worry that the final bill will be stripped of the requirement that any cyber threat information from the private sector be sent to the Department of Homeland Security, a civilian agency that has stricter privacy regulations than the Pentagon's National Security Agency. The NSA has generated controversy for its mass surveillance of Americans' phone data.
As Kelly's article notes, there is no such thing as a unified Big Brother. In this instance, there's a fight between various factions of Congress to decide which U.S. government agency should get cyberthreat notifications. And presumably people within the agencies themselves are fighting with each other over that data.
Kelly schooled me on one thing - I had always thought that the NSA was an independent agency. It turns out that it IS part of the Department of Defense.
But that doesn't stop Pentagon-NSA fights. Take this one from 2012, which happened before the Snowden revelations:
In the midst of an ongoing turf battle over how big a role the National Security Agency should play in securing the nation’s critical infrastructure, a Defense Department official asserted on Wednesday that the military’s controversial intelligence agency should take a backseat to the Department of Homeland Security in this regard.
When even the Department of Defense is fighting with the Department of Defense over something, comparisons to a monolithic Orwellian supersecurity service fall flat.
Thrown for a (school) loop
-
You know what they say - if you don't own your web presence, you're taking
a huge risk. For example, let's say that you decide to start the Red Green
Compa...
4 years ago