Monday, April 17, 2006

Homeland Insecurity Meets Pork Barrel

I have spent most of my professional career involved in information security. In fact, I achieved my Certified Information System Security Professional (CISSP) status in 2001. I have been following security events from both a technical, practical and political perspective.

As part of my continuing reading in the area, I read a well-written book called The Myth of Homeland Security by Marcus Ranum, a respected infosec consultant.

When the Department of Homeland Security was created, my first thought was government over-reaction quickly followed by inefficient bureaucracy. Just look at what they did with commercial airplane security. Most of the countermeasures are not implementated to catch the clever, organized, well-funded terrorists. We're trying to catch the amateurs and the incompetent. We're trying to catch the unstable. We're trying to catch the copycats. These are all legitimate threats, and we're smart to defend against them. Against the professionals, we're just trying to add enough uncertainty into the system that they'll choose other targets instead.

Remember the National Guard members toting a M-16 placed at each major airport just past the security check. It was all about getting people to feel safer and to help protect the airline industry. It had nothing to do with counterterrorism.

As part of the federal government's on-going effort to promote security, the city of Dillingham, AK purchased 80 cameras to watch over the town, purchased through a $202,000 Homeland Security grant meant primarily to defend against a terrorist attack. Dillingham has a population of 2400 (that's 30 cameras per person). The justification for deploying these cameras for this sockeye fishing community is first line of port security (against Russia) for the western U.S.

Brilliant! We need more of these effective countermeasures [sic].

No comments: