Richard Clarke Weighs in on Cybersecurity

Join the discussion

We welcome your thoughtful comments. Please comply with our Community rules.
All comments will display your user name.

Want to participate in the discussion?

Register for free

Log in for complete access.

Comments

  • I posted a blog at nearly the same time as this bit of tripe appeared. Mr. Clarke is sadly mistaken. Even if Ms. Gorman's article in the Wall Street Journal were entirely accurate (and I have my doubts about this), his response is still wrong.

    I'm sure we can find case studies of such agencies and where centralized regulation did or didn't work. But the point is that it can't be imposed by outsiders. Security must start at the bottom and go all the way up to top level executive leadership (and back down again). It must be identified as a key element of critical infrastructure management, maintenance, and operations.

    Securifying through explicit compliance based regulation is a well-intentioned disaster in the making. If it happens, I predict it will work about as well as the TSA has secured aviation. With "help" like this we won't need our enemies to bring us down. Our very own government will do it for us.

    Reply

RSS feed for comments on this page | RSS feed for all comments