Archive for the ‘Regulation’ Category
DorobekINSIDER: AFCEA Homeland Security Conference panel on cyber-security — the liner notes
I am moderating a panel at AFCEA’s 9th Annual Homeland Security Conference — creatively named DHS – The 7-Year Itch – Renewing the Commitment: The Definitive Dialogue on Critical Homeland Security Issues. Specifically, the panel that I’m moderating is titled President’s Comprehensive National Security Initiative. And we have a good panel to discuss these issues, even if the title of the panel doesn’t fully capture it:
Thursday, February 25
9:15 a.m. – 10:30 p.m.Panel 6: President’s Comprehensive National Security Initiative
Industry insight into streamlining the cyber security effort through all levels of government. Thoughts and recommendations on policy, strategy and guidelines necessary to secure federal systems; integrate existing federal government resources; and anticipate future cyber threats and technologies.Moderator: Christopher J. Dorobek (confirmed)
Co-anchor, Federal News Radio 1500 AM’s Daily Debrief with Chris Dorobek and Amy Morris
Editor-in-chief, the DorobekINSIDER.comPanelists:
Mr. Shawn Carroll (bio in PDF)
Executive Director of Engineering & CTO
QWEST Government ServicesMr. John Nagengast (bio in PDF)
Executive Director for Strategic Initiatives
AT&TMr. Marcus Sachs (bio in PDF)
Executive Director for National Security & Cyber Policy
Verizon
Credit where credit is due: I’m just the moderator. I did not pull the panel together. So I want to credit specifically Wray Varley, Qwest Government Service’s director of advanced programs, DHS & DoJ, for pulling all the pieces together.
As I mentioned, our title is just a tad bid misleading because it really doesn’t capture the scope of what we hope to talk about. (I’m not sure people know what the President’s Comprehensive National Security Initiative even is. I’ve put some background below, including a March 2009 report from the Congressional Research Service that lays it out.)
In the end, what we hope to talk about cyber-security broadly — and our discussion will really go beyond that rather governmental sounding initiative.
It is clear that times are changing in the cyber world. Cyber-security is becoming more of a check-list item to becoming a real national security priority. People are hearing about cyber-security repeatedly, but I’m not sure they know what they can — and should — be doing.
A few data points:
* The Google hack: This comes from Google’s announcement that the company was considering pulling out of China following a massive hack. Of course, we learned that these attacks were actually against a number of private sector companies and investigators are still searching for where these attacks came from. And on Federal News Radio 1500 AM’s Daily Debrief with Chris Dorobek and Amy Morris, we spoke with George Kurtz, the CTO for cyber-security company McAfee, about those attacks. Hear that conversation here. McAfee and the Center for Strategic and International Studies recently came out with a new report that found people are under attack more then they generally know. You can hear the authors of that report, titled In the Crossfire: Critical Infrastructure in the Age of Cyberwar, here.
* The ZeuS attacks: After Google came word from NetWitness that some 2,400 organizations — including government agencies — had been attacked.
* Could the U.S. lose a cyber-war? That was the stark warning from Mike McConnell, the former director of national intelligence during testimony before the Senate Commerce, Science and Transportation Committee, according to GovInfoSecurity.com. McConnell told lawmakers earlier this week that if a cyberwar were to break out today — “the United States would lose.” He went on to say that this is not because the U-S doesn’t have talented people or cutting edge technology. It is simply because the country is the most dependent and the most vulnerable — and because the country has not made the national commitment to understanding — and securing — cyberspace.
During the discussion, we are going to review this from several perspectives:
* Carrier operations — Nagengast is going to discuss what the telecommunications carriers can/should/are doing to address these important issues.
* Policy issues — Sachs is going to discuss the public and private policy issues that can/should/are helping to address this issue.
* What agencies need to do — Finally, Carroll will go review what agencies can/should/are doing to address these issues.
And my guess is that somewhere in there, we will talk about Networx, which was widely hailed as a real opportunity for agencies to upgrade their network security infrastructure. And earlier this month, the Federal Trade Commission was one of the first agencies to use the Networx contract’s provisions for the Trusted Internet Connection initiative. TIC is an OMB initiative that seeks to reduce the number of government connections to the Internet to better enable agencies to secure data that passes through those connections, and OMB has been pushing agencies to move forward with TIC implementation.
Some resources — and I’ll add to these if there are links mentioned during the session:
* Congressional Research Service report: Comprehensive National Cybersecurity Initiative: Legal Authorities, Policy Considerations [March 10, 2009] Report thanks to OpenCRS — and you can download the PDF of the report from their site here.
* Center for Democracy and Technology analysis of the Comprehensive National Cybersecurity Initiative
* The China threat: Here is some appointment listening — and reading. Last week on Federal News Radio 1500 AM’s Daily Debrief with Chris Dorobek and Amy Morris, we spoke to James Fallows of The Atlantic magazine, who wrote a fascinating piece about China generally, but also that country’s role as a cyber-attacker, which he argues is somewhat exaggerated… although he goes on to say that he doesn’t believe we are paying enough attention to cyber-security generally. Hear our conversation here. I think you’ll find the conversation — and his article — illuminating.
DorobekInsider: The FCC joins the blogsphere — and Twitter
The Federal Communications Commission, now under the leadership of one of the people I simply can’t wait to meet, Julius Genachowski, has launched a blog — and a Twitter feed.
The blog, call Blogband and it will likely focus on the Obama administration’s broadband initiative to get broadband service out to more of the country. The broadband plan is part of the stimulus package and, of course, is being led by the FCC.
It is the start of a welcome change for FCC, which has had an incredibly cumbersome Web sites. I haven’t visited recently, but… years ago, when I was looking for information about the Sirius-XM merger, I went to the FCC Web site and it was almost impossible to find what I was looking for, and then each submission from each person was a separatePDF file, which made reading them all clunky at best. So I look forward to seeing how the broadband discussion evolves.
I don’t often post full text of posts because… well, that’s not the Internet way — reference and link. If people do the work, they deserve the traffic. That being said, Genachowski’s introductory post isn’t that long…:
The National Broadband Plan is one of the most important initiatives that the FCC has ever undertaken. To foster public dialogue about the National Broadband Plan, we’re tapping the power of the Internet to launch a new FCC blog, calledBlogband . What better time to start blogging than now? With just 183 days before our deadline to send the National Broadband Plan to Congress, we need as many people involved as possible.
Like our unprecedented two-dozen public workshops and the upcoming fall public hearings, Blogband is part of the FCC’s commitment to an open and participatory process. Blogband will keep people up-to-date about the work the FCC is doing and the progress we’re making. But we want it to be a two-way conversation. The feedback, ideas, and discussions generated on this blog will be critical in developing the best possible National Broadband Plan.
As this blog demonstrates, the Internet is changing and expanding the way Americans communicate, providing them with unparalleled access to information. Our goal is to create a National Broadband Plan that charts a path toward bringing the benefits of robust broadband to all Americans. So visitBlogband often to keep up with the latest news and – more importantly – get involved.
Read the FCC Blogband blog at http://blog.broadband.gov.
And you can follow the FCC on Twitter at twitter.com/fccdotgov.
And, of course, a hat tip to National Journal’s Tech Daily Dose blog.
DorobekInsider.com: OMB publishes updated stimulus act guidance
The Office of Management and Budget on Friday published updated guidance for implementing the American Recovery and Reinvestment Act — we know it as the stimulus act. You can find the PDF here … or below…
Friday, April 3, 2009On April 3, 2009, the Office of Management and Budget (OMB) published Implementing Guidance for the American Recovery and Reinvestment Act of 2009 (“Recovery Act”). This is the second installment of detailed government-wide guidance for carrying out programs and activities enacted in the Recovery Act. This updated guidance supplements, amends and clarifies the initial guidance issued by OMB on February 18, 2009 (Initial Implementing Guidance for the American Recovery and Reinvestment Act of 2009, M-09-10). Updates to the guidance are based on ongoing input received from the public, Congress, state and local government officials, grant and contract recipients and federal personnel.
NAPA’s Collaboration Project helps with government 2.0 policy and legal issues — highlighting the problems and starting the work on solutions
One of the biggest obstacles to some of the using some of the government 2.0 tools are the government’s legal and policy frameworks, some of which were formulated long before there was an Internet. The National Academy of Public Administration’s Collaboration Project is taking a big step toward helping agencies deal with these sticky issues.
On Federal News Radio 1500 AM’s Daily Debrief with Chris Dorobek and Amy Morris, we recently spoke to Marcus Peacock, who at the time was the deputy administrator at the Environmental Protection Agency. Peacock and former EPA CIO Molly O’Neill, before they left, got started a parallel government 2.0 comment process around air quality standards. We spoke to Peacock and O’Neill about the process. One of the things he told us was that many of the government law that at the time were designed to ensure public comment today actually prevent agencies from reaching out to encourage a broader public comment. The laws, for example, require public comment. Agencies post rules and regulations in the Federal Register — or on Regulations.gov — and then people can comment. Those comments are assessed and posted. In the end, you don’t get an open, transparent debate about the process. Instead, you get a lot of individual comments unrelated to one another. And it has seemed that there wasn’t an alternative.
Peacock and O’Neill, creatively, aren’t letting those laws prevent the EPA from trying something new. Instead, they are running a parallel process — following the old way and creating a new way.
My suggestion has been to open up regulations to a wiki — some broad way to allow people to change the rule in a way that they think would improve it. In other words, don’t just comment — make it better. We’re still a few years away from that.
(A historical aside: Dee Lee deserves a foresight award. More than a decade ago, Dee Lee, who I believe was the administrator of the Office of Federal Procurement Policy, also ran a parallel comment process for a rule allowing people to comment on other people’s comments. It was very innovative for the 1990s. It’s only taken a decade for us to get back to this point.)
NAPA to the rescue
All of this is a long introduction to the National Academy of Public Administration’s Collaboration Project, which has been working to help agencies find share lessons learned on these government 2.0 tools. They have been holding meetings about the policy and legal issues surrounding government 2.0 — and the issues are wide ranging. They go from the use of Internet Web cookies… to security and policy issues. Earlier this week, we spoke to NAPA’s Frank DiGiammarino about the legal and policy issues. NAPA has now posted a draft document seeking comment on those rules.
The document below represents a rough draft of the research agenda that will guide the Collaboration Project going forward. It is a living document and we are always looking for new additions to this list. In reviewing it, please consider some of these questions:
- What are the issues on this list that resonate with you the most? Is there anything you see missing?
- Have you or anyone you know had success in meeting these challenges? Do you have any best practices to share?
- How, if at all, has your agency altered policies to enable better collaboration?
- What are the actions the next administration and Congress could take to increase collaboration and the use of the Web 2.0 suite of tools?
If you have something to contribute, please don’t hesitate to contact us and send it in, or just use the comments feature at the bottom of this page !
As we told you earlier, the Federal Web Managers Council has created a similar but different document that lists the federal government social media challenges — perceived or real — and some possible solutions. You can see that document here. (Federal News Radio 1500 AM’s Jason Miller spoke to GSA’s Bev Godwin about this document. You can hear that discussion here.) My challenge to the Federal Web Managers Council is that they often kicked the ball further down the field, recommending that there needs to be policy developed to solve some of these problems. We all certainly agree that there are new policies necessary in many cases, but my recommendation would be to offer short term solutions — what can agencies actually do — today — to resolve those challenges. The longer term policy development can still go on, but there is so much to be learned by doing, and I get concerned that agencies will avoid ‘doing’ because of the policy limbo. That being said, the Federal Web Managers Council deserves a whole heap of credit for this marvelous document. It is an excellent and very valuable document and they deserve credit for pulling it together.
I would also be remiss if I didn’t mention the Navy’s Web 2.0 policy — the first in government. You can read that policy here.
My other challenge is that I hope we can actually collaborate on these challenges. Too often, people operate behind closed doors. What better way to demonstrate the power and agility of collaboration?
Baffled by the financial mess? GAO lays out the issues
Many of us may have been baffled by the whole financial mass — it’s just so confusing. But one of the issues that doesn’t seem to get much attention is what are we doing — or what can we do — to ensure that we don’t get into this situation again. Many people are simply pitching this as a too-much or too-little regulation debate, which just seems simplistic to me.
The Government Accountability Office today issued a report that does the best job that I’ve seen providing background of the situation and the United States’ outdated regulatory framework. The report is titled, Financial Regulation: A framework for crating and assessing proposals to modernize the outdated U.S. financial regulatory system… and today on Federal News Radio 1500 AM’s Daily Debrief with Chris Dorobek and Amy Morris, we’re going to talk to the author of the report.
The report is long — more than 100 pages — but I learned a whole bunch from it.
DorobekInsider 