Steven Bucci

Cybersecurity – The Public Health Model

October 6, 2011

I teach an online Master’s Level course in cybersecurity policy Issues. As part of one of my lessons, I asked students the following question: Can the principles of public health be applied to help understand cybersecurity, or should we stick with a military/defense metaphor? A student offered 10 core functions of public health entities, a stark contrast to traditional law enforcement and security premises centered on enforcement, detection, and deterrence. It is a better fit.

Anwar al Awlaki – The Killing of "An American Citizen"

Steven Bucci |

October 3, 2011

Ron Paul is probably the most intellectually consistent politician I have ever witnessed, but his stand on the killing of AQAP Leader Anwar al-Awlaki last week is really ridiculous. Becoming a traitor to the United States carries the “punishment” of losing your rights as a citizen. Fighting for the other side in a war does as well. What else would this “cleric” have to do to warrant action against him? Paul said “We don’t know if he ever killed anyone.” Please Mr. Representative, ask the folks at Ft. Hood if al-Awlaki ever killed anyone. Yes he did.

Another Key to Cyber Security: Agility

Steven Bucci |

September 23, 2011

A lot of factors can lay claim to being a “key” to cybersecurity. I would offer another: agility. Presently, agility is the best friend of the Bad Guys. On the defensive side, we labor under a great disadvantage. Development of defensive means is slow and reactive; we have to follow strict rules for commercial deployment of products, and beyond the technical procedures, we have huge hurdles on the legal, policy and regulatory sides. In short, the good guys are anything BUT agile.

Our "Overreaction" To 9/11

Steven Bucci |

September 12, 2011

There has been a great deal of intellectual froth over the subject of the tenth anniversary of the 9/11 attacks. Numerous editorials cover the entire intellectual waterfront. Most focus on the continuing sense of loss and grief we feel and ask us to never forget. There is a different group I have a problem with, those who say America “overreacted” to 9/11. I was in the Pentagon on 9/11, and so was my wife. I know in my heart as well as my head. Our leaders didn’t overreact; they did exactly what was needed.

Politics and the Defense of the Nation’s Networks (or lack there of)

Steven Bucci |

September 8, 2011

We are still more than a year out from the next Presidential election (and the accompanying Congressional races), and the level of discourse is so divorced from reality that I am a little nervous about our ability to govern effectively. Both sides are so unwilling to act like adults, to compromise, to build consensus, that many folks are assuming we’ll get nothing done for the next year plus. If that happens, we will have some big problems. America’s networks experience intrusions pretty much continuously, and nearly everyone agrees we have a problem. The bad part is that Washington is not in a problem-solving mood.

North Korean Cyber Attack – Harbinger of the Future

Steven Bucci |

September 1, 2011

The Washington Post published an excellent article, “Suspected North Korean cyberattack on a bank raises fears for S. Korea, allies” detailing a significant cyber attack on a major South Korean bank that occurred last April. This was more than the Denial of Service attacks that have been executed in the past. It was a sophisticated virus attack that took down hundreds of servers at the bank, shut it down for days, and then corrupted a huge amount of financial data. We will see more and more of this. Poor and disconnected nations and terrorist groups have nothing to lose by executing these sorts of attacks.

Weapons of Mass Destruction – A Dangerous and Uncertain Future

Steven Bucci |

August 25, 2011

The present, predominant view that Weapons of Mass Destruction (WMD) is confined to Chemical, Biological, Radiological, Nuclear, and High Yield Explosives (CBRNE) only is now passé. Many people do not even include the “E”. This is far too narrow a view! At least two other categories must be included in the pantheon of WMD. These are cyber weapons and economic warfare.

NICE Cyber Education Strategy is Out for Comment

Steven Bucci |

August 16, 2011

The draft strategy paper for the National Initiative for Cybersecurity Education (NICE) is on the street and soliciting comments. This is a very important effort. The NICE project hits on the three main “legs” of a national education effort. Some folks have compared this need to the efforts put forth after Sputnik. If that seems trite or overblown to you, I respectfully submit that it is, in fact, a bigger need.

Vindicated – The Cyber Terror Threat Exists

Steven Bucci |

August 11, 2011

I have been saying for a while that cyber terrorism is a real threat, and one with which we will need to grapple TODAY. Others, some frankly with far more eminence than I have, disagree. Yet, at the recent BlackHat conference, Cofer Black, the counter terrorism expert who lead the CIA’s efforts against Al Qaeda for President George W. Bush, joined “my side” of the debate. Cofer Black is no Propeller-Headed Geek; he is a hardcore practitioner who has fought terrorists his entire career. He knows how they think, act and believe, and he acknowledges cyber terror as an issue.

Contributor: