Is FEMA The Best Group To Model A Cybersecurity Agency After?

from the proactivity dept

There’s been a lot of talk about the cybersecurity policy actions the Obama administration will undertake, with few clear ideas on exactly what such a policy should entail, or what powers the much-discussed cybersecurity “czar” should have. One of the supposed leading candidates for the czarship says that what the country really needs is “a FEMA for the internet” that can coordinate responses to electronic attacks and problems. The wisdom of invoking the idea of another FEMA doesn’t seem too wise, given the agency’s rather tarnished reputation following its ham-fisted response to Hurricane Katrina and other disasters, but leaving that aside, there may be deeper issues. FEMA’s role is largely preparedness for and reaction to natural disasters; shouldn’t a cybersecurity agency be focused more on prevention than reaction? The idea of something like FEMA makes sense in the context of natural disasters and emergencies, since they are largely unpreventable and inevitable. But isn’t cybersecurity an area in which prevention of disasters and attacks is arguably more important?

Filed Under: , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Is FEMA The Best Group To Model A Cybersecurity Agency After?”

Subscribe: RSS Leave a comment
youneedhelp says:

Re: REX 84 & FEMA

Seriously, did you even read this tripe before linking to it?

“The first targets in any FEMA emergency would be Hispanics and Blacks.”

I love a good conspiracy theory as much as the next guy, but whoever authored this pile of shit could at least take a minute to update his/her racial profiling targets to include the pariah ethnicity du jour.

Never mind, I’m probably screaming at the deaf here.

weneedhelp (user link) says:

Re: Re: REX 84 & FEMA

No conspiracy about it. Did YOU read it?
I see you chose to ignore:
The first targets in any FEMA emergency would be Hispanics and Blacks, the FEMA orders call for them to be rounded up and detained. Tax protesters, demonstrators against government military intervention outside U.S. borders, and people who maintain weapons in their homes are also targets.

There is nothing racist about that comment. Stop being a fool by trying to discredit someone by labeling them a bigot. STRAWMAN

FEMA – The Secret Government
By Harry V. Martin with research assistance from David Caul

There are more than enough articles about REX84. If you choose to ignore them then that makes you an average American.

Anonymous Coward says:

Re: Re: Re: REX 84 & FEMA

Some people live in wonderfully amazing worlds. I wish it was me.
Once I worked with a guy who was so convinced that USA has satellites capable of creating earthquakes that he almost kicked my ass when I couldn’t stop laughing at him.

I have no beef submitting to the likely existence of these measures. But the conclusions drawn are just beyond anything I have giggled at in a long time.

600 empty prisons. Well, at least the guards have a job in this economy 😀

weneedhelp (user link) says:

Re: Re: Re:2 REX 84 & FEMA

“Some people live in wonderfully amazing worlds. I wish it was me.” OH YOU ARE.

Terry Kings wrote an article on his discoveries of camps located in southern California. Here are some of his findings:

The first camp we observed was in Palmdale, California. It is not operating as a prison at the moment but is masquerading as part of a water facility. Now why would there be a facility of this nature out in the middle of nowhere with absolutely no prisoners? The fences that run for miles around this large facility all point inward, and there are large mounds of dirt and dry moat surrounding the central area so the inside area is not visible from the road. There are 3 large loading docks facing the entrance that can be observed from the road. What are these massive docks going to be loading?

We observed white vans patrolling the area and one came out and greeted us with a friendly wave and followed us until we had driven safely beyond the area. What would have happened had we decided to enter the open gate or ask questions?

This facility is across the street from the Palmdale Water Department. The area around the Water Department has fences pointing outward, to keep people out of this dangerous area so as not to drown. Yet, across the street, the fences all point inward. Why? To keep people in? What people? Who are going to be it’s occupants?

There are also signs posted every 50 feet stating: State of California Trespassing Loitering Forbidden By Law Section 555 California Penal Code. The sign at the entrance says: Pearblossom Operations and Maintenance Subcenter Receiving Department, 34534 116th Street East. There is also a guard shack located at the entrance.

We didn’t venture into this facility, but did circle around it to see if there was anything else visible from the road. We saw miles of fences with the top points all directed inward. There is a railroad track that runs next to the perimeter of this fenced area. The loading docks are large enough to hold railroad cars.

Another site is located in Brand Park in Glendale. There are newly constructed fences (all outfitted with new wiring that point inward). The fences surround a dry reservoir. There are also new buildings situated in the area. We questioned the idea that there were four armed military personnel walking the park. Since when does a public park need armed guards?

A third site visited was in the San Fernando Valley, adjacent to the Water District. Again, the area around the actual Water District had fences logically pointing out (to keep people out of the dangerous area). And the rest of the adjacent area which went on for several miles was ringed with fences and barbed wire facing inward. Also interesting was the fact that the addition to the tops of the fences were fairly new as to not even contain any sign of rust on them. Within the grounds was a huge building that the guard said was a training range for policemen. There were newly constructed roads, new gray military looking buildings, and a landing strip. For what? Police cars were constantly patrolling the several mile perimeter of the area.

From the parking lot of the Odyssey Restaurant a better view could be taken of the area that was hidden from site from the highway. There was an area that contained about 100 black boxes that looked like railroad cars. We had heard that loads of railroad cars have been manufactured in Oregon outfitted with shackles. Would these be of that nature? From our position it was hard to determine.

In searching the Internet, I have discovered that there are about 600 of these prison sites around the country. They are manned, but yet do not contain prisoners. Why do they need all these non-operating prisons? What are they waiting for? We continuously hear that our current prisons are overcrowded and they are releasing prisoners because of this situation. But what about all these facilities? What are they really for? Why are there armed guards yet no one to protect themselves against? And what is going to be the kick-off point to put these facilities into operation?

Anonymous Coward says:

But ...

While cyber security should really be focused on prevention. Total security is impossible. Therefore an effort is justified in setting up policies to react to a security breach.

Just imagine what it would be like if they designed the ‘perfect’ security system and so didn’t worry about what they would do if it got breached because that is “impossible.” They’d be caught with their proverbial pants around their ankles and the hacker would ravage their system as he/she/it wanted to.

So FEMA might be a bad model to work from but don’t you dare just focus on prevention, you must work to prevent security breaches but you better have a backup plan

jonnyq says:

“The wisdom of invoking the idea of another FEMA doesn’t seem too wise, given the agency’s rather tarnished reputation following its ham-fisted response to Hurricane Katrina and other disasters, but leaving that aside, there may be deeper issues.”

That’s because the federal government just isn’t equipped – nor should they be – to take the lead in recovery from a natural disaster. Katrina was a mess because no one local took charge. They waited for the federal agency to come take over.

That is precisely why no computer network should be reliant on federal aid. FEMA exists to help local leaders. What sort of help would a federal agency provide to local network admins? Why should they? It really sounds like you’re accepting the premise that the government might actually have a role, but I don’t see a reason to accept that.

Anonymous Coward says:

FEMA hasn't always been a joke

FEMA has had a bad reputation ever since the the phrase “You’re doing a heck of a job, Brownie” fell from George Bush’s lips.

But honestly, FEMA has not always been a terrible joke. You will get this problem any time y take any agency or business and put someone totally unqualified at its head based entirely on political loyalty rather than competence and qualifications.

Nick says:

FEMA actually is a fairly good example of how a very large organization can work.
Now what happened about eight years ago what a disaster for FEMA.
A new president was elected, and a rotation of “leaders” were initiated.
The result was a large quantity of inexperienced friends, family members, neighbors and pets finding themselves with a nice income and a job they had no clue about how to perform.
The result was evident in New Orleans.
One could easily argue that FEMA wasn’t the only organization suffering due to change in management.

Now this isn’t specifically to provoke W fans. The rotation happens after all elections.
But rarely with as disastrous results as what we have been witness to for almost a decade.

Man from Atlanta says:

What's wrong with NIST?

Having seen the difference between federal efforts and state cybersecurity efforts, I’m impressed by the feds.

Security is never absolute and with an organization as big as the federal government you’ll always find laggards, but by and large I think NIST (Nat’l Institute of Science and Technology) has done a pretty good job moving toward the goals of FISMA (Federal Information Security Management Act).

Adding governance of private cybersecurity would be a curve ball. Perhaps whoever thinks this is a good idea sees the geopolitical effects of state-run chinese IT efforts and thinks we need to replicate these efforts. I have my doubts about such an approach. For instance, we have open records laws and I suspect many of us would like to keep them.

LostSailor says:

Plan for the Best, Prepare for the Worst

To echo some comments here, yes, it is certainly wise to plan and work to prevent cybersecurity problems, but it is also wise to prepare to respond when those plans prove to be unsuccessful in any specific instance.

FEMA actually had a very good track record before the last administration and the handling of Katrina, such as dealing with the aftermath of Hurricanes Hugo and Andrew. When actual disaster management professionals are put in charge (as opposed to former commissioners of the International Arabian Horse Association), they can be quite effective.

FEMA is probably a good model for one part of the federal cybersecurity equation.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...