Intercepts

Cyber "Warfare'

Just when I was starting to miss the good old days of listening to former

Deputy Secretary of Defense John Hamre tell anybody who would listen that

the Joint Task Force for Computer Network Defense is "at war" every day

of the week, along comes Rear Adm. H. Winsor Whiton, commander of the Naval

Security Group. The admiral recently told a gathering of security professionals

at the Cyber Security Summit at Carnegie Mellon University, Pittsburgh,

"As many of you know, we're really at war today."

Although plenty of D-day veterans might have a different perspective

on what being "at war" means, I'll give the good admiral credit for what

he said next: "If you're not capable of defending your networks, you're

not capable of going to war." As a result, a certification requirement for

information operations has been added to the Battle Group Certification

Process that is required before a group is given the go-ahead for real-world

deployments.

NSA's Retention Crisis

It's no secret: For years, the National Security Agency has been laboring

to attract and retain the best and brightest in the information systems

arena. And things are still tough, according to Mike Jacobs, a longtime

NSAer who managed the team of 35 hackers who reportedly proved through inference

that they could cripple the critical infrastructure of the United States

with a few laptops.

"Appealing to patriotism today is not enough" to solve the retention

problem at NSA, he said. "We are now shopping for a set of skills where

the people who have them are foreign nationals, and we cannot get them cleared."

Here We Go Again

While I'm on the subject of NSA, consider the agency's latest hire:

retired Maj. Gen. Harry Gatanas. The former Army general has been appointed

NSA's senior acquisition executive, responsible for overseeing the agency's

effort to maintain its position on the cutting edge of technology.

His appointment comes on the heels of the agency's decision to take

William Black Jr. out of government mothballs to be the new deputy honcho

at the super-secret spy agency. Black, as you'll recall, retired from NSA

in 1997 and took a job in industry. Can somebody please tell me if the phrase

"new blood" means anything to anybody at Fort Meade? If NSA Director Lt.

Gen. Michael Hayden wants some high-tech, Silicon Valley-style advice, I

would tell him to "hire the guy with the ponytail."

Looting Def Con

More than 6,000 people, most equipped with ponytails and nose rings,

attended this year's annual Def Con hacker conference in Las Vegas. However,

my slot machine listening posts report that it wasn't too hard to pick out

the slew of government (i.e., NSA and Defense Department) officials who

attended the show. I have 20 bucks that says the NSA members present weren't

from the technology and security directorate. It's more likely they were

from the human resources department.

Venture Capitalists

"There is a big question" facing the federal critical in-frastructure

protection community "about whether industry will take the lead" in security,

according to John Tritak, director of the Critical Infrastructure Assurance

Office.

"Version 2 of the National Plan [for Information Systems Protection]

will be written by industry," he said. "There are many people on the Hill

who are rightly concerned about whether national security can be handled

by economic, market-driven needs." However, if the private sector doesn't

come to the table, they run the risk of sitting idly by as the first "digital

Exxon Valdez" occurs, Tritak said.

But the CIA may have figured out a way to combine the two, according

to Jeffrey Hunker, senior director for critical infrastructure at the National

Security Council. When asked recently if government ideas for security

research and development would continue to end up "on the cutting room

floor," Hunker replied, "I have two words: venture capital." It represents

a "great unexploited opportunity" for federal information security programs,

he said, noting that he is "struck" by the CIA's In-Q-Tel venture capital

RandD firm.

Intercept something? Send it to the Interceptor at antenna@fcw.com.