Cybersecurity and the Superior Ignorance of Bureaucrats

The January 2019 issue of the CACM (Communications of the Association for Computing Machinery) Journal is a treasure trove for cybersecurity professionals interested in understanding why it is so important to have tech-savvy legislators to come up with meaningful policy and laws and to have knowledgeable regulators enforce them. In my BlogInfoSec column of August 27, 2018, “Educate Lawmakers on Securing the Critical Infrastructure,” I propose mandatory cybersecurity education for those in power. More recent events, such as the January 29, 2019 U.S. Senate Intelligence Committee hearing on national security, reported in The New York Times by David E. Sanger and Julian E. Barnes in an article with the title “On North Korea and Iran, Intelligence Chiefs Contradict Trump,” which is available at support this argument.

In the January CACM journal, mentioned above, there is an excellent article by William Casey et al with the title “Deception, Identity, and Security: The Game Theory of Sybil Attacks.” While the article itself is a major contribution to the field, I was also taken by the quotation at the beginning of the article from John le Carré’s 2004 book “The Russia House: A Novel,” which is as follows:

“When the world is destroyed, it will be destroyed not by its madmen but by the sanity of its experts and the superior ignorance of its bureaucrats.”

This is a clear call for educating our leaders and bureaucrats in the complexities of information technology and cybersecurity or, if that doesn’t seem to be doable, then we must insist that those who are incoming have some level of certification—I would even suggest something akin to the CISSP (Certified Information System Security Professional) credential.

As I alluded to above, there is much more in the journal than just this article. Moshe Vardi wrote a “Vardi Insights” column asking the question: “Are We Having an Ethical Crisis in Computing?” Here’s the spoiler … we are!

And finally, the “Editor’s Letter” by Andrew Chien titled “Open Collaboration in an Age of Distrust” bemoans the dual use of technology for both good and evil.

Lots to talk about … lots to think about. But it all comes down to the need for those with a deep and realistic view of cybersecurity risk to move into positions of power so that we can get some of the knowledge-based decision-making that we sorely need. The current crowd just doesn’t cut it.

Post a Comment

Your email is never published nor shared. Required fields are marked *