The Packet Rat | A Swiftian plan for security

OMB’s push for agencies to adopt lines of business and shared-services centers is gathering additional steam, and it looks like the efforts to create a Security LOB are off the back burner once again. Now that someone is actually being paid to provide support for the process, the Rat suspects that the wheels will spin a little more freely on the Security LOB wagon.

Of course, that someone is SiloSmashers Inc., a subcontractor for CapGemini.

When he heard the name, the whiskered one thought that maybe some anti-nuclear protestors from Plowshares and Jonah House had gotten in the wrong line one morning and found themselves getting handed a GSA contract instead of getting arrested.

But, given the continued security woes at the Veterans Affairs Department (what with another notebook PC gone missing with veterans’ personal data aboard), the Rat thinks he has a modest proposal on how to get things moving even faster.

“If the OMB wants real movement,” the cyberrodent said to his agency undersecretary as they went over a Federal Information Security Management Act audit, “they should create an Insecurity LOB, and bring back those folks that have gotten the axe at VA to run a shared-services center for security screw-ups.”

“See, if we centralized all of the executive branch’s inaction on data security into
one place, it could save billions a year. By pushing all our security policies over to a ‘center of incompetence’ for security, we could quickly see where the weaknesses are and how feckless users might try to circumvent them.”

“So, let me get this straight,” the confused appointee said. “You think OMB should centralize … incompetence?”

“It’s clearly a cross-agency business function, and with two strikes so far this year, VA seems to be the perfect testing ground for security practices. I mean, to paraphrase Sinatra, if it doesn’t fail there, it won’t fail anywhere.”

“So you’re talking about a test environment,” the undersecretary offered.

“Well, after a fashion,” replied the Rat. “If they think it’s testing, it won’t work. So they have to actually think it’s real work to be effective. Plus, I doubt the ROI on keeping all those folks around just to see how they evade security policies would be high enough to make the proposal attractive.”

“But that would mean that they’d be violating security with actual live data!” the distressed officio interjected.

“Sure,” the furry one said soothingly. “But it wouldn’t be our data. I mean, do we want to let our users be the next security scandal? Or for that matter, do we want the Energy Department people accidentally releasing nuclear test hard drives into the wild?”

The perplexed politico furrowed his brow. “Well, no. I think I see your point.”
“Good,” smiled the Rat. “Feel free to claim the idea as your own, and pitch it to the Security LOB task force. I’m sure they’ll love it.”

The Packet Rat once managed networks but now spends his time ferreting out bad packets in cyberspace. E-mail him at rat@postnewsweektech.com.

About the Author

Connect with the GCN staff on Twitter @GCNtech.

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.