The authors of the study, "Cyber Security: A Crisis of Prioritization," warn that the current system is "highly vulnerable to attack" and urge a fundamental rethinking of how the nation's computing architectures and technologies should get deployed.
Don't get your hopes up. If past is prologue, I think it's safe to assume that nothing will come of this--until it's too late and people again are scrambling for answers.
It's tempting to become cynical about so sensitive a subject, but the blunt truth is that Americans care more about the ultimate outcome of "American Idol" than they do about repairing the nation's IT infrastructure. Outside of the confines of the security nerds who live and breathe this stuff, most folks are bored silly by the subject.
Both major political parties shoulder blame. The question of how to shore up the nation's IT infrastructure first surfaced toward the end of the Clinton administration. A fat report got published and bureaucrats dutifully made time for reporters' questions. But fundamental change was postponed for another day--and another administration.
Cybersecurityafter Sept. 11, 2001, but the Bush team quickly lost interest. Bureaucratic squabbling and the absence of real backing from the chief executive have since turned the job of into a revolving-door post.
Since 2001, the government has casually gone through one cyberczar after another, and yet you hardly hear a murmur from the political elites. Years ago I asked a now-retired congressman why so few of his colleagues put a big effort into technology issues, and he gave me one of those "Kid, you must be from Kansas" smiles. Couldn't I understand that a stem-winder on the floor of the House of Representatives about IT and its discontents would never get him onto the evening news?
Sure I could. Unfortunately, when they do start yammering about bits and bytes in public forums, it's usually for all the wrong reasons.
Too bad they didn't also investigate why we're still churning out software with security holes--and this, six years after a 1999 President's Information Technology Advisory Committee report first flagged this as a concern.
In a numbers game, it's all about counting noses. Unfortunately, the natural constituency in favor of breaking sharply with tradition and doing something meaningful about cybersecurity is relatively small (Even a promise of unlimited brie and chardonnay will not produce any Million Coder Marches on Washington in our lifetime.) That calls into question one of the key recommendations in the report: a call to increase the National Science Foundation's research budget for fundamental research by some $90 million.
Unless the president awakes one day to an epiphany, the report will surely get summarily rerouted to a dusty shelf in a forgotten corridor of a nondescript department, somewhere deep in the bowels of official Washington, D.C. Just like so many other do-gooder position papers that wind up ignored and put aside.
But when the stuff one day hits the fan--as it inevitably will--nobody in authority will be in a position to claim they didn't know.