Adfero Group HSPI

Someone needs to buy Janet Napolitano a beer. Or at least give her a double of whatever she wants. After two consecutive days on Capitol Hill testifying in front of four different Congressional Committees, she’s earned it. In defending the Administration’s proposed 2011 budget, she took on a whole set of bipartisan punches and barbs from an array of political players who weren’t exactly happy with what she was trying to sell them.

The Senate Commerce, Science and Transportation Committee held a long awaited hearing on Cyber Security. Chairman John Rockefeller began with the thought that a major cyber attack could shut down our nation’s most critical infrastructure. He called for legislation to “modernize the relationship between the government and the private sector on cyber security.” A stellar group of witnesses appeared, all who added to the growing discussion on cyber security.

Amidst the news today are reports that DHS employs more contractors than career civil servants. Lawmakers, notably Sen. Joseph Lieberman (ID-CT) and Sen. Susan Collins (R-ME), have described this situation as “unacceptable, untenable and unsustainable.” The other notable word that they have used to describe this situation is “astounding.” This is a situation that has been known about for some time. If we really want to be “astounded” and have a system that is “acceptable, tenable and sustainable,” we can start by fixing the problem that created the civil service and contractor imbalance.

Yesterday’s actions by the American Federation of Government Employees (AFGE) to represent TSA’s 40,000 screeners has upped the ante in the high stakes poker game the Obama Administration seems to have avoided playing. Will there or will there not be a union at TSA? If we are to ever move forward, the White House’s deafening silence has to end. Whatever decision it makes will have tremendous consequences and will leave some players at the poker table inflamed and outraged.

Last week, Transportation Security Administration (TSA) workers at the Philadelphia airport grossly mistreated Ryan Thomas, a 4-year-old boy who has intellectual and physical disabilities, and his parents. Headed for an Orlando-bound flight to celebrate Ryan’s birthday at Disney World, TSA security screeners forced Ryan’s parents to strip off his leg braces to clear security. What happened to Ryan is a symptom of what’s wrong with the airport security process, and it should be leveraged to enhance safety while improving the airport experience for all flyers.

Well, the week of 15 – 19 Feb 2010 was a fascinating one if you follow cybersecurity events. The bellwether stories are numerous, and reaction to them has been varied. Even if you don’t join in the debates of the blogosphere, it sure is fun to “watch.” On the serious side, these issues are all critical ones, and the number of experts (real ones, not the self-proclaimed variety) who hold widely varying positions shows the challenge of this field.

Have Goldman Sachs focused on their operational risks to the exclusion of all else, to the extent that their destruction is now politically convenient in the current US climate, and what tools could be used to achieve that end? I began, two weeks ago, by writing a blog entitled “Has Goldman Sachs caught the Blackwater Disease?” However, the more I explored the issue, the more I believe that the implications stretch wider. While I am not a fan of the concept of the “Perfect Storm,” I do believe Goldman Sachs has ignored non-financial risks at their peril. This blog is not a reflection on whether Goldman Sachs are good, bad or indifferent; it is a reflection upon how disregarding all risks can create the conditions to destroy a company, just when that company appears to be at the top of its game.

CBS News recently reported the number of illegal immigrants in the U.S. is down by about one million from 2008 to 2009. The DHS report CBS cited also shows a striking difference in the number of illegal immigrants entering the U.S. in two different periods. From 2000 through 2004, 28 percent of the current population of illegal immigrants entered the United States, and only 8 percent entered from 2005 through 2008. Having worked with these DHS statistics for a number of years, I am keenly aware of their limitations. I suspect the economy has played a role in this decrease, but I also think we need to give some credit to improved border enforcement and particularly to a little heralded but successful effort to end “catch and release.”

After two large snowstorms and a pathetically minor dusting, we can see how Washington responded to emergency weather. As FEMA Administrator Craig Fugate has so aptly put in numerous ways, “It’s time we treated the citizen as an asset and as a member of the response team, rather than as a liability,” and the 2010 Mother Nature Winter rampage has put forward some great issues that public and private sector leaders, as well as citizens, should be acting on.

The Bipartisan Policy Center, which has ported over the 9/11 Commission co-chairs, Lee Hamilton and Tom Keane, is coordinating the major cyber exercise this week. The U.S. Government has conducted closed versions of cyber war games several times before, and the results are held very closely. At other times, cyber attacks have been injected into broader exercise scenarios but almost always are abandoned because it “ruins” the wider training value. That means cyber brings the entire show to a halt because we really do not know how to deal with it.

The Center for a New American Security (CNAS) has published a superb document – Contested Commons: The Future of American Power in a Multipolar World (January 2010). It covers comprehensively all the various domains and is a weighty tome. My interest in it is the fifth chapter, “American Security in the Cyber Commons,” which if it stood alone would be one of the best documents on the issues in the cyber realm I have seen.

Like most people of the Mid-Atlantic region, I’ve spent almost a week hunkered down at home with my family watching the piles and piles of global warming stack outside my home. For as unprecedented as this weather pattern has been for the region, it has been a remarkable test of the region’s resilience. While the jury is still out on a final evaluation (since the last snow flake has yet to fall), here are some things we have learned.

IBM has a new cybersecurity white paper. The paper’s executive summary, which I co-authored and is posted below, is titled Meeting the Cybersecurity Challenge: Empowering Stakeholders and Ensuring Coordination. The issues, challenges and possible paths to greater national cybersecurity named in the summary are important concepts. Through a comprehensive, wide-spread cybersecurity effort, all individuals, businesses, organizations, agencies and corporations can play a part in achieving greater national security.

Workplace violence is an important threat; it also demonstrates how much security departments can add value to the company, rather than simply be a cost.  While corporate security departments are often seen as a necessary evil cost center with little to contribute but managing the gate guards – manned by knuckle-dragging former law enforcement and military personnel without a clue about “real business” – they actually can be an important part of the company’s self perception and management and a critical source of time-sensitive information and analysis.

The House Science subcommittee on Technology and Innovation held a hearing today on next generation passenger screening technologies, or at least, I thought that was its purpose from the title of the hearing. But for Subcommittee Chairman Rep. David Wu (D-OR), the purpose seemed to be something else.

On Tuesday morning, Senate Majority Leader, Harry Reid (D-NV) lashed out at Senate Republicans for their on-going procedural holds on a number of the Obama Administration’s nominees for critical positions at the Pentagon, DHS and elsewhere. The only measure that counts in the homeland arena is doing the job, and it’s long past time for the Senate to do its job when it comes to voting on a number of critical nominees.

Much recent talk and writing has focused on the continued need for “real” public-private sector cooperation in the cyber realm. Everyone quotes the famous statistics that 70 percent (or 80 percent, even 90 percent) of our critical infrastructure is owned or controlled by the private sector, and all of that is highly dependent on cyber means to do business. How can the government protect this private infrastructure it if it does not own it?

If the last several weeks haven’t been bad enough for the Obama Administration, they are about to get even worse. On Monday night’s CBS Evening News, Chief Investigative Correspondent Armen Keteyian will profile a number of serious problems at the Federal Air Marshal Service (FAMS).