Connect with us

Broadband's Impact

Ex-Cybersecurity Czar, Subcommittee Chair Say NTIA-funded Networks Could Have Security Built In

WASHINGTON, March 10, 2009 – Rod Beckstrom, who resigned on March 6 after less than a year as director of the National Cybersecurity Center said Tuesday that the NTIA could use its rulemaking authority to mandate a baseline of open security standards in stimulus-funded network infrastructure.

Published

on

WASHINGTON, March 10, 2009 – Rod Beckstrom, who resigned on March 6 after less than a year as director of the National Cybersecurity Center, said Tuesday that the NTIA could use its rulemaking authority to mandate a baseline of open security standards in stimulus-funded network infrastructure.

Beckstrom spoke with BroadbandCensus.com after he attended, but did not testify at, a hearing before the House Homeland Security subcommittee on Emerging Threats, Cybersecurity, Science and Technology.

He reportedly resigned after equipment orders and leases of office space for his agency were canceled, and his boss, Homeland Security Secretary Janet Napolitano had not had a single meeting with him since she took office in January.

“It’s always easier to bake in security than it is to layer it on afterwards,” Beckstom said when asked if NTIA should include security as a criteria in awarding stimulus grants. The stimulus program is “an opportunity” to try and get things right the first time, he suggested. “When we move into new technologies, we often don’t look at security first.”

While Beckstrom wasn’t familar with the specifics of the NTIA grant process, he said he would support including security in grant criteria: “Obviously there is a benefit if we can get that incorporated into the process.”

Cybersecurity is increasingly important given the nation’s increasing reliance on networks in “every aspect of our lives,” said subcommittee chairwoman Yvette Clarke, D-N.Y. “It is easy to understand why this issue dominates our agenda…too many vulnerabilities exist on two many critical networks,” she said.

And the Bush strategy that “lacked teeth” needs to be replaced with one that places the White House at the top of the chain of command, while using “all of the tools of U.S. power in a coordinated fashion” while holding agencies accountable, she said. Clarke plans to hold two more hearings on cybersecurity topics this month.

The subcommittee hearing was “particularly timely,” given Beckstrom’s resignation, said Rep. Bennie Thompson, D-Miss., who chairs the full committee. While Thompson said he had been optimistic at Beckstom’s appointment, the Bush administration put him in a position without clear lines of authority or a budget, a “no-win situation.” Beckstrom “did not have experience working miracles,” he said – namely overcoming the domination of the National Security Agency in cybersecurity policy formation.

In his letter of resignation, Beckstrom cited the NSA’s incrasing role in protecting both military and government networks as a reason he was returning to Silicon Valley after being hand-picked to head the Bush administration’s “comprehensive national cybersecurity initiative.” The program is meant to protect all government networks against attacks.

In his opening statement, Thompson said there should be a “credible civilian cybersecurity capability” in the government. But it should interface with the NSA rather than being controlled by it, he said. Echoing Beckstrom’s assesment, he said: “I don’t think the answer to our problems in cyberspace comes from giving control of the entire Federal cybersecurity mission to the NSA.”

“Cyberspace should be declared a vital national asset,” said ranking member Daniel Lungren, R-Calif. These critical networks should be protected with a “well-crafted strategy,” he said,  utilizing public-private partnerships “based on trust and cooperation.”

But to date, efforts to protect those assets have not been successful, said Dave Powner, director of information technology management issues at the Government Accountability Office. While then-President Bush initiated several cybersecurity programs, Powner admitted that GAO has “yet to fully satisfy its cybersecurity responsibilities” as prescribed by the Bush strategies. And though GAO is developing new cybersecurity capabilities, Powner said “furher action needs to be taken to address these areas.”

The White House should be at the top of an “accountable, operational  cybersecurity organization,” specifically a new governance structure, Powner said.  Putting the White House will raise the profile of cybersecurity issues and make both public and private sector leaders more aware of emerging threats and problems, he said. And law enforcement capabilities – both national and international – should be improved by increasing cooperation among agencies and other nations, Powner suggested.

“Clearly, NTIA could have a role in [a cybersecurity strategy],” Powner said in an interview. “I think the important thing going forward is with the broadband deployment as it is today, we need to make sure that rollout is secure.” But NTIA’s position with regard to securing networks has been a subject of debate, the agency could certainly help with improving security, he said.

Protecting privacy and providing oversight should be priorities in any cybersecurity strategy, said Microsoft vice president Scott Charney. Before joining Microsoft in 1999, Charney was chief of the computer crime and intellectual property division of the Department of Justice.

“The information age has arrived, but the [U.S.] has not yet built a comprehensive national cyberspace security strategy,” Charney said.  Cybersecurity issues pose unique challenges that “transcend agency boundaries,” he said.

To meet those challenges, a strategy should be coordinated by one organization “responsible for ensuring that the government acts as one government,” Charney said. “If the government wants to use all the instruments of its power…the center of gravity must be in the White House.”

The role of the Homeland Security department should be to set standards – but not mandate specific technologies, he added. Specifying security requirements is “the appropriate role of DHS.”

Further hindrances to a cohesive cybersecurity strategy iinclude law enforcement emphasis on identifying attacks rather than preventing them, and tthe intelligence community’s obsession with classification, secrecy and hiding vulnerabilities rather than defeating them, said NetWitness Corporation CEO Amit Yoran, who helped start the U.S. Computer Emergency Response Team.

Even members of Congress have not been provided with cybersecurity plans developed by the Office of the Director of National Intelligence, “for ill-defined reasons,” he said. “[S]uch a broad overclassification is counterproductive to supporting an effective cyber defense.” And the lack of information sharing among agencies only provides advantages to adversaries, Yoran added.

The U.S. needs to rebuild its cybersecurity procurement systems and technical know-how, beginning at the lowest levels, said Oracle chief security officer Mary Ann Davidson. First, military and intelligence agencies should purchase software that is purpose built, rather than try to adapt and secure ill-designed products.

Congress should enact policy explicitly declaring a “21st century Monroe Doctrine,” Davidson said. Such a policy would encourage development of detection and response mechanisms, and provide a deterrent against all types of attacks against increasingly critical infrastructure, including “smart grid” components, she said.

And as critical infrastructure is built, Davidson said the builders should be trained to “think like a hacker” and assume systems will be attacked. But universities have not been responsive to teaching secure coding practices, she noted.

The lack of built-in security in NTIA-funded broadband networks thatt could become part of the grid is a matter of concern that will warrant additional hearings, Clarke said in an interview after the hearing. “I have been concerned…about our ability to embed some security measures [in broadband],” she said. “Things happen, security can be breached, and we’re at the point where we can understand how to ger that done.”

Continue Reading
1 Comment

1 Comment

Leave a Reply

Your email address will not be published.

Digital Inclusion

Doug Lodder: How to Prevent the Economic Climate from Worsening the Digital Divide

There are government programs created to shrink the digital divide, but not many Americans know what’s out there.

Published

on

The author of this Expert Opinion is Doug Lodder, president of TruConnect

From gas to groceries to rent, prices are rocketing faster than they have in decades. This leaves many American families without the means to pay for essentials, including cellphone and internet services. In fact, the Center on Poverty and Social Policy reports that poverty rates have been steadily climbing since March. We’re talking about millions of people at risk of being left behind in the gulf between those who have access to connectivity and those who don’t.

We must not allow this digital divide to grow in the wake of the current economic climate. There is so much more at stake here than simply access to the internet or owning a smartphone.

What’s at stake if the digital divide worsens

Our reliance on connectivity has been growing steadily for years, and the pandemic only accelerated our dependence. Having a cell phone or internet access are no longer luxuries, they are vital necessities.

When a low-income American doesn’t have access to connectivity, they are put at an even greater disadvantage. They are limited in their ability to seek and apply for a job, they don’t have the option of convenient and cost-effective telehealth, opportunities for education shrink, and accessing social programs becomes more difficult. I haven’t even mentioned the social benefits that connectivity gives us humans—it’s natural to want to call our friends and families, and for many, necessary to share news or updates. The loss or absence of connectivity can easily create a snowball effect, compounding challenges for low-income Americans.

The stakes are certainly high. Thankfully, there are government programs created to shrink the digital divide. The challenge is that not many Americans know what’s out there.

What can be done to improve it

In the 1980s, the Reagan administration created the federal Lifeline program to subsidize phones and bring them into every household. The program has since evolved to include mobile and broadband services.

More than 34 million low-income Americans are eligible for subsidized cell phones and internet access through the Lifeline program. Unfortunately, only 1 in 5 eligible people are taking advantage of the program because most qualified Americans don’t even know the program exists.

The situation is similar with the FCC’s Affordable Connectivity Program, another federal government program aimed at bringing connectivity to low-income Americans. Through ACP, qualifying households can get connected by answering a few simple questions and submitting eligibility documents.

Experts estimate that 48 million households—or nearly 40% of households in the country—qualify for the ACP. But, just like Lifeline, too few Americans are taking advantage of the program.

So, what can be done to increase the use of these programs and close the digital divide?

Our vision of true digital equity is where every American is connected through a diverse network of solutions. This means we can’t rely solely on fixed terrestrial. According to research from Pew, 27% of people earning less than $30,000 a year did not have home broadband and relied on smartphones for connectivity. Another benefit of mobile connectivity—more Americans have access to it. FCC data shows that 99.9% of Americans live in an LTE coverage area, whereas only 94% of the country has access to fixed terrestrial broadband where they live.

Additionally, we need more local communities to get behind these programs and proactively market them. We should see ads plastered across billboards and buses in the most impacted areas. Companies like ours, which provide services subsidized through Lifeline and ACP, market and promote the programs, but we’re limited in our reach. It’s imperative that local communities and their governments invest more resources to promote Lifeline, ACP and other connectivity programs.

While there’s no panacea for the problem at hand, it is imperative that we all do our part, especially as the economic climate threatens to grow the digital divide. The fate of millions of Americans is at stake.

Doug Lodder in President of TruConnect, a mobile provider that offers eligible consumers unlimited talk, text, and data, a free Android smartphone, free shipping, and access to over 10 million Wi-Fi hotspots; free international calling to Mexico, Canada, South Korea, China and Vietnam; plus an option to purchase tablets at $10.01. This piece is exclusive to Broadband Breakfast.

Broadband Breakfast accepts commentary from informed observers of the broadband scene. Please send pieces to commentary@breakfast.media. The views expressed in Expert Opinion pieces do not necessarily reflect the views of Broadband Breakfast and Breakfast Media LLC.

Continue Reading

Broadband's Impact

Senate Bill Subsidizing U.S. Semiconductor Production Clears House, Going to White House

Bill aims to strengthen American self-reliance in semiconductor chip production and international competition.

Published

on

Photo of Sen. John Hickenlooper, D-Colorado, during Tuesday's press conference

WASHINGTON, July 29, 2022 – A $54 billion bill to subsidize U.S-made semiconductor chips passed the House Thursday on a 243-187, and moves to President Biden for his expected signature.

Dubbed the CHIPS Act for Creating Helpful Incentives to Produce Semiconductors Act for America Fund, the measure is expected to incentivize domestic semiconductor manufacturing and also provide grants for the design and deploying of wireless 5G networks. It also includes a $24 billion fund to create a 25 percent tax credit for new semiconductor manufacturing facilities.

Advocates of the measure say that it will also improve U.S. supply chain, grow U.S. domestic workforce, and enable the U.S. to compete internationally to combat national security emergencies.

The measure passed the Senate Wednesday on a 64-33 vote.

Congressional supporters tout benefits

House Energy and Commerce Committee Chairman Frank Pallone, D-N.J., voiced his support on the House floor, calling it “a win for our global competitiveness.”

The CHIPS Act of 2022 provides a five-year investment in public research and development, and establishes new technology hubs across the country.

Of the funds, $14 billion goes to upgrade national labs, and $9 billion goes to the National Institute of Standards and Technology research, of which $2 billion goes to support manufacturing partnerships, and with $200 million going to train the domestic workforce.

In a virtual press conference on Tuesday, Colorado Democratic Sen. Michael Bennett said that America’s semiconductor industry has lost ground to foreign competitors. “Today, only 12% of chips are manufactured in the United States, down from 37% in the 1990s.”

He said relying on cheaper products produced in China and overseas for so long, it has caught up with the United States.

Bennet suggested to move manufacturing labs to Colorado, where it can support it due to the plenty of jobs in aerospace and facility and infrastructure space.

“We don’t want the Chinese setting the standard for telecommunications. America needs to lead that. This bill puts us in the position to be a world leader,” said Bennet. “We are at a huge national security disadvantage if we don’t do this.”

Sen. John Hickenlooper, D-Colorado, joined his Rocky Mountain state colleague in support: “There is a real sense of urgency here to compete not only to re-establish the U.S. to make their own chips, but to compete internationally.”

He said that semiconductor chips are vital to almost every business and product, including phones, watches, refrigerators, cars, and laptops. “I’m not sure if I can think of a business that isn’t dependent on chips at this point.”\

“This is a space race,” he said. “We cannot afford to fall behind.”

Industry supporters say measure is necessary

The U.S. has lost ground to foreign competitors in scientific R&D and in supply chain industry during a recent semiconductor crisis, said France Córdova, president of the Science Philanthropy Alliance, at a U.S. Chamber of Commerce Foundation event on July 19. The U.S. only ranks sixth best among other prominent countries in the world for research and development, she said.

“The CHIPS Act of 2022 and FABS Act are critical investments to even the global playing field for U.S. companies, and strategically important for our economic and national national security,” said Ganesh Moorthy, president and CEO of Microchip Technology Inc.

Bide expected to sign measure

With the Biden’s Administration’s focus to tackle the semiconductor shortage and supply chain crisis through the Executive Order made in February, the Biden administration has been bullish on the passage of the CHIPS Act, in a Wednesday statement:

“It will accelerate the manufacturing of semiconductors in America, lowering prices on everything from cars to dishwashers.  It also will create jobs – good-paying jobs right here in the United States.  It will mean more resilient American supply chains, so we are never so reliant on foreign countries for the critical technologies that we need for American consumers and national security,” said Biden.

Continue Reading

Health

Providers Call for More FCC Telehealth Funding as Demand Grows

‘I think obtaining funding from the Universal Service Fund would go a long way.’

Published

on

Photo of FCC Chairwoman Jessica Rosenworcel

WASHINGTON, July 26, 2022 – Health care providers in parts of America say they are struggling to deliver telehealth due to a lack of broadband connectivity in underserved communities, and recommended there be more funding from the Federal Communications Commission.

While the FCC has a $200-million COVID-19 Telehealth program, which emerged from the Coronavirus Aid, Relief and Economic Security (CARES) Act, some providers say more money is needed as demand for telehealth services increases.

“The need for broadband connectivity in underserved communities exceeds current availability,” said Jennifer Stoll from the Oregon Community Health Information Network.

The OCHIN was one of the largest recipients of the FCC’s Rural Health Care Pilot program in 2009. Stoll advocated for the need for more funding with the non-profit SHLB Coalition during the event last week. Panelists didn’t specify how much more funding is needed.

Stoll noted that moving forward, states need sustainable funding in this sector. “I am hoping Congress will be mindful of telehealth,” said Stoll.

“The need for telehealth and other virtual modalities will continue to grow in rural and underserved communities,” she added.

Brian Scarpelli, senior global policy counsel at ACT, the App Association, echoed the call for FCC funding from the Universal Service Fund, which subsidizes basic telecommunications services to rural areas and low-income Americans. “I think obtaining funding from the Universal Service Fund would go a long way.”

Continue Reading

Recent

Signup for Broadband Breakfast

Get twice-weekly Breakfast Media news alerts.
* = required field

Trending