Cybersecurity

Are you sitting down? Ok, here goes:

"The news is filled with scary stories about the insecurity of the computer and telecommunication systems on which our nation's prosperity depends: malicious software planted in electricity-grid computers; rampant state-sponsored and criminal cyber-espionage and theft; and the possibility of cyberattacks on banking and transportation systems. Exactly one year ago, President Obama declared our "digital infrastructure" to be a "national security asset" and pledged to make it "secure, trustworthy and resilient."

His administration has made little progress toward this goal, however, largely because cybersecurity is seen as a tax on short-term economic growth."

Have I got your attention now?!

The New York Times story, linked here, is another distressing alarm that we need to focus on the risks of computing and especially networked communications (i.e. the Internet).

Here are the reasons we are so vulnerable according to the Times:

" ... vulnerabilities include software with too many bugs; the use of commercial off-the-shelf software produced in a global supply chain in which malicious code can be embedded by stealth; inadequate cooperation about security threats and effective security practices among firms and between firms and government; and computer malfeasance by botnets (large clusters of zombie computers, controlled by third parties, that can be used for cyberattacks)."

Let me add another problem. Carelessness and complete clueless behavior by people.

As you know, we are working very hard on training employees who manage sensitive data so that at least operator error" and sloppiness in handling information and computers is not heaped on top of the list of meta "big time" - threats enumerated above.

We are working very closely with our friends in government and with Iowa private business and NGO's, nonprofits, community organizations and others to create a security education and certification system. Our colleagues in Computer Science and Engineering are working on the hardware/software end of this problem as part of the national Information Security (INFAS) initiative.

Stay tuned please.

.

.