Tuesday, November 8, 2016

New Agencies We Need in the Next Administration



National Cyber Forensics Agency

We need an agency in charge of decryption of phones and analysis of data. It's not just about managing the decryption tools themselves, which are going to remain secret and not handed out to local PDs and FBI offices, but gaining the know-how of how you do forensics and data minimization in a robust way to protect US civil liberties.

This is going to cost a lot more money than I think people are expecting, but we have to do it, and the longer we wait, the more expensive it will be to bootstrap.

National Active Defense Agency

Marketing buzz has ruined the term "Active Defense". But "hack-back" is unpalatably honest. However, if you keep a careful eye on the policy groups, they are quickly finding ways to lay the groundwork for an agency that uses private dollars to hack back against Chinese/Russian C2, and legalize active measures against botnets and worms such as MIRAI.

This is not as hard legally and politically as people sometimes make it sound. You just run it like a penetration testing company, with scope and authority from DHS and money and talent from the private sector. And you make the State Dept sell it overseas, because that's their job and we work with the cyber norms we have, not the ones we want, sometimes.

National CISO

CISO is one of those jobs that destroys people. Thankless, and with the cloud of doom sticking to your pant legs like a toddler's poo everywhere you go. But we need, not centralization, but clarity of vision and of quality and, frankly, someone to give our executives in Government the straight dope of what they can and can't do with regards to their own IT infrastructure. We need a salesperson who can sell a unified government security fabric to all of the many business units that make up the Federal Government. So far we've concentrated on finding bureaucrats with authorities.

Every big bank has the identical federated business plan as the USG when it comes to how this sort of information security and IT infrastructure needs to be run. We need to copy their DNA and figure out how to do this, if not right, at least a lot less wrong.

1 comment: