COMMENTARY--After convincing the government to back off, it's now time for Silicon Valley to come up with a way to plug the lingering security holes in the national network infrastructure.
Technology leaders won a sympathetic hearing in Washington, D.C., nine months ago when they convinced the Bush administration to lay off of dictating baseline security standards.
Get Up to Speed on...
Enterprise security
Get the latest headlines and
company-specific news in our
expanded GUTS section.
At the time, my suspicion was that this was a mistake. Now I'm convinced of it.
The problem is leadership--or more accurately, the lack thereof.
But when it comes to this topic, Yoran and the department are restricted--at least for the time being--to the sideline role of federal cheerleader--with entirely predictable results. The industry's response to date has largely consisted of agreements to set up time-wasting committees--a grand idea!--to think about what to do and to issue platitudinous corporate governance guidelines about promoting good "cyberhygiene," whatever that is.
Undoubtedly, all this has Al Qaeda's hacking operatives quaking in their boots.
The awareness-raising campaign reminds me of the Smokey Bear fire prevention public service announcements, back when I was a kid. In time, it helped--but only after years driving home the message. When it comes to cybersecurity, there isn't the same luxury of time.
For appearances' sake, the government is loathe to give the impression that it's pushing too hard. For his part, Yoran resists suggesting that the government has knuckled under to special-interest pressure. Still, it's hard to escape the conclusion that the lobbyists have had their way.
When the Big One lands--and it's only a matter of time--the stuff is going to hit the fan.
But if technology companies don't produce results soon, the department is signaling that it stands ready to get more actively involved.
"There should be no mistake about where we stand," Robert Liscouski, the assistant secretary for infrastructure protection, said at the summit. "We are not going to let anybody who operates in this space dodge their responsibility, and I will be sticking my finger into people's chests to make sure they live up to their responsibilities."
Translation: If the technology industry can't clean up the mess it's created, it defaults that responsibility to Uncle Sam. Pretending otherwise only postpones a bigger reckoning.
biography Charles Cooper is the executive editor of commentary at CNET News.com.
