Computerworld - If you've been at all worried that the Department of Homeland Security might be doing something worth paying attention to, rest easy. When it comes to having any significant impact on corporate IT security plans, the $36 billion federal agency has been monumentally ineffective.
As our front-page story this week points out, it's private-sector companies -- particularly in transportation, utilities and finance -- that are driving their own IT security strategies to protect the nation's critical infrastructures. Without any push from the DHS, for example, the Rail Industry Security Committee is busy sharing best practices for both physical and cybersecurity. In the natural gas industry, same story. "All of the initiatives are industry-driven," says Gary Gardner, CIO of the American Gas Association.
Given that the private sector owns and operates 85% of the critical infrastructure that keeps our lights on and water flowing, this may seem like the natural course of events. But at least part of the fantasy behind spending billions of our tax dollars on the DHS was to create an agency that could orchestrate a public/private collaboration on security matters. "I think largely we've dropped the ball," says Richard Clarke, former chairman of the President's Critical Infrastructure Protection Board.
CIOs and senior IT executives would no doubt agree. They've all noticed that there are no incentives in the 1-year-old "National Strategy to Secure Cyber Space" plan for private industry. No tax credits. No cost sharing. No real reason to care.
The companies that do care, however, are computer industry vendors and service providers. They influence DHS strategy and direction through a handful of powerful lobbying groups, the most prominent being the Information Technology Association of America. Their agendas boil down to this: Prevent any new government regulations or reporting requirements that would mandate changes in IT products. So far, mission accomplished.
For its part, the DHS has managed to stay in the headlines with a steady supply of screw-ups. In July 2003, the Homeland Security geniuses signed a deal for $90 million worth of Microsoft software just as yet another critical security flaw in Windows was everywhere in the news . Around that time, perhaps coincidentally, the status of the cybersecurity job once held by Clarke fell so many rungs down the political ladder that it ended up in cyberobscurity.
Then, last August, a report from the General Accounting Office, the investigative arm of Congress, documented what a pitiful job the DHS was doing in its security information-sharing efforts with state and local authorities . Not that the DHS wasn't trying. Its newly
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
Changing the Way Government Works: Four Technology Trends that Drive Down Costs and Increase Productivity
This paper discusses four technology-based approaches to improving processes and increasing
productivity while driving down department and agency costs.
- Logicalis eBook: SAP HANA: The Need for Speed Without timely business insights, organizations today can suffer logistical, manufacturing, and even financial disaster in a matter of minutes
- Neustar 2014 DDoS Attacks and Impact Report For the third consecutive year, Neustar surveyed hundreds of companies on distributed denial of service (DDoS) attacks. The survey reveals evidence that the...
- Acxiom Case Study This case study, which focuses on Acxiom, explores how the company was able to secure employee data, reduce migration costs and boost productivity...
- Top 4 Digital Signage Fails Join RMG Networks for a look at four of the most common reasons digital signage fails in corporate businesses. Learn about strategies to...
- Building Tomorrow's Infrastructure Listen to this podcast to discover how Crider Foods worked with PC Connection to update their IT infrastructure, while maintaining compliance and control. All Gov't Legislation/Regulation White Papers | Webcasts