Perspective: A cyber con game

In a recent report to President Bush, an advisory task force presented a damning picture of the nation's information technology infrastructure.

The authors of the study, "Cyber Security: A Crisis of Prioritization," warn that the current system is "highly vulnerable to attack" and urge a fundamental rethinking of how the nation's computing architectures and technologies should get deployed.

Don't get your hopes up. If past is prologue, I think it's safe to assume that nothing will come of this--until it's too late and people again are scrambling for answers.

It's tempting to become cynical about so sensitive a subject, but the blunt truth is that Americans care more about the ultimate outcome of "American Idol" than they do about repairing the nation's IT infrastructure. Outside of the confines of the security nerds who live and breathe this stuff, most folks are bored silly by the subject.

Since 2001, the government has casually gone through one cyberczar after another, and yet you hardly hear a murmur from the political elites.

So with no pressure from constituents, the people in charge of the country have remained complacent even while the security protocols and practices governing the system fell into disrepair.

Both major political parties shoulder blame. The question of how to shore up the nation's IT infrastructure first surfaced toward the end of the Clinton administration. A fat report got published and bureaucrats dutifully made time for reporters' questions. But fundamental change was postponed for another day--and another administration.

Cybersecurity gained temporary prominence after Sept. 11, 2001, but the Bush team quickly lost interest. Bureaucratic squabbling and the absence of real backing from the chief executive have since turned the job of cybersecurity chief into a revolving-door post.

Since 2001, the government has casually gone through one cyberczar after another, and yet you hardly hear a murmur from the political elites. Years ago I asked a now-retired congressman why so few of his colleagues put a big effort into technology issues, and he gave me one of those "Kid, you must be from Kansas" smiles. Couldn't I understand that a stem-winder on the floor of the House of Representatives about IT and its discontents would never get him onto the evening news?

Sure I could. Unfortunately, when they do start yammering about bits and bytes in public forums, it's usually for all the wrong reasons.

The blunt truth is that more Americans care more about the ultimate outcome of "American Idol" than they do about repairing America's IT infrastructure.

So it is that we were recently treated to the spectacle of three congressmen who ought to know better calling for a government investigation into the sale of IBM's notebook business to a Chinese company. It was all politics for the sake of impressing the voters back home and generated the desired headlines.

Too bad they didn't also investigate why we're still churning out software with security holes--and this, six years after a 1999 President's Information Technology Advisory Committee report first flagged this as a concern.

In a numbers game, it's all about counting noses. Unfortunately, the natural constituency in favor of breaking sharply with tradition and doing something meaningful about cybersecurity is relatively small (Even a promise of unlimited brie and chardonnay will not produce any Million Coder Marches on Washington in our lifetime.) That calls into question one of the key recommendations in the report: a call to increase the National Science Foundation's research budget for fundamental research by some $90 million.

Unless the president awakes one day to an epiphany, the report will surely get summarily rerouted to a dusty shelf in a forgotten corridor of a nondescript department, somewhere deep in the bowels of official Washington, D.C. Just like so many other do-gooder position papers that wind up ignored and put aside.

But when the stuff one day hits the fan--as it inevitably will--nobody in authority will be in a position to claim they didn't know.

Biography
Charles Cooper is CNET News.com's executive editor of commentary.

More Perspectives

[jluchford]

Understanding is the key to security

People want simplicity in the net. Even congress, especially congress, since half of the voters don't have time to learn how their computers talk to the internet. That is why security fails. WIFI default setup doesn't ask for what computer talks to the broadband routers, and the suppliers of the devices will only SUGGEST you read the booklet to set up home security.
Congress people are simply no better or worse than their constituents. It takes a hard example that affects people before anybody thinks they NEED to do anything.
Did the 9/11 hijackers use a computer to fly the plane? No. Once somebody finds a way to crash a plane via computer net...or, more likely, once somebody proves that stolen government data was used against somebody -then their be action.
Of course, the security breach would be covered up as much as possible to "prevent" giving ideas to other hackers....

We Idolize Our Own Comforts

The scary thing for me is that I know one of the American Idol contestants and couldn't care less about the outcome of that either.

We care proportional to the loss we personally experience C.C. You are right as usual. Until a hacker turns all of the lights and heat off on a cold day in New York, DC, or San Francisco, this issue won't become terribly interesting.

[ordaj]

I blame the press...

...if the mainstream/national press made it an issue, then COngress would dutifully respond. But, reporters and editors are technological eedjits outside of the "specialized" news outlets like cNet news. Maybe you guys should talk to your "brethren" at the big media outlets and clue them in. It is important.

[mpotter28]

the odds

of them presenting the information in a cogent manner are zero. Canute could not hold back the tide why should we bother
- down and out in L.A.

[Michael Grogan]

Interesting or not..

...this issue will NEVER be handled by the current administration. Can you imagine trying to explain IT to an idiot like Georgie, let alone IT infrastructure?

[Prndll]

LOL....

I would like to see you try to explain to Gore that he has no right to enforce his ideas about how you need his protection.

[mpotter28]

the government is full of idiots

so what else is new.

[Jim1900]

Why?

Everyone here seems to assume that this is wholly a government problem, and a federal one at that. Why not have them pay for fire losses, or perform termite inspections? But a public that has been conditioned to think that feeding tube issues should be decided by the Congress or the Supreme Court apparently takes it for granted that so should computer and network security. The government has an obvious role to play in securing its own equipment, but otherwise I think we still have a privately owned infrastructure for the most part, at least at the moment.

[jlmarriott]

Government responsibility

I agree with JF - a lot of people complain about "big government" - then expect the government to handle everything. Gee, I wonder how it got "big".

[charlie cooper]

You've missed the point

That isn't at all the point. The U.S. is far removed from the era when the Articles of Confederation defined the boundaries between state & federal lines. National defense is not a private issue, something that can -- or should -- be outsourced by various private concerns. Should the tech industry be taking the lead? Obviously, but there's a broader issue here. When the IT infrastructure is so vital to the economic (and social) security of the nation, its fate becomes a national concern.

Repairing the IT infrastructure; rich

This Cooper is an idiot. A well-paid idiot, no less.

The present infrastructure is obsolete, why the f--- would we want to repair it?

Putdown huh?

your comment makes absolutely no sense

[Clues]

Profound Stupidity

The only group stupider than the general American population is
their government and the principle shinning example of its
stupidity is its idiot head the Shrub. You know the stunted Bush.

Big Bang Theory

Nothing will happen in Congress until something very bad happens...ie: a foreign or domestic terrorist gains access to sensitive government information and uses it to do some serious damage - Big Bang Theory. Then they will be all over it, it will make headlines, and they'll all blame each other, hold congressional hearings blaming the IT industry, and still end up doing very little to correct the situation, or worse yet, the wrong thing. Sorry for my pessimism.

It's something most of us share . . .

Is it pessimism, or is it just realism?

Politics is all about appearances, and in a democracy like ours, suckering the voters, primarily through our wholly inadequate press that responds to so many different biases within it that the idea of "objective journalism" has become something of a bad joke.

Maybe politicians will get better when I, and the rest of us, can stop searching for the needle (the truth) in the haystack (the garbage we are all fed through the sensationalism and poor fact-checking of our current mainstream press; and probably most of the press in general).

Of course, they won't change until we become fed up enough with them either.

Ah, to find a politician or reporter who I could actually trust implicitly . . . tis but a dream, however, and thus progress always the slow struggle to drag ourselves forward by our bleeding, white knuckles . . .

I'm beginning to believe that Murphy really was an optimist . . .