Nov 10 2008

What would you ask the Department of Homeland Security Secretary?

Published by at 6:39 pm under Blogging,Government

Michael Chertoff, the Secretary of the Department of Homeland Security, will be here in California tomorrow.  He’s hosting a blogger roundtable on Cybersecurity and I’m one of an unknown number of security bloggers who’ll be attending the event and talking to Mr. Chertoff face to face.  Quite frankly I was surprised that the Department of Homeland Security was even aware of blogs, let alone willing to step out of Washington to talk to us in person.  I probably shouldn’t be, since the TSA has had a blog for months now, even if I rarely agree with what they post there and never take it at face value.

Mr. Chertoff is on his way out due to the change in leadership our country is going through, but he’s held a highly political and thankless job for some time now.  He has a unique view of the security of not only our nation, but every nation in the world.  So what would you ask the man who’s been responsible for ‘homeland security’?  What do you want to know about how we’re doing security at the highest levels?  What burning questions about the TSA and your shoes are eating away at you?  If it was you going to talk to Mr. Chertoff tomorrow, what’s the one question you’ld ask?

I have a number of my own questions, but I know that you can come up with even better.  Leave a comment on this post with the question you’d ask.  Keep it short and concise, make it topical to cybersecurity.  I won’t be asking any ‘attack’ questions, but I’m perfectly willing to ask some of the hard questions.  Personally, I want to know what it’s like to be placed in charge of Homeland Security without any real power to affect change?  Except that most security managers already know what that’s like.

We’re allowed to bring cameras and audio equipment, but no video.  Most of my equipment is for close up interviews, but I’ll do the best I can with what I have.  I’m just hoping the Secret Service doesn’t decide that some of my equipment isn’t acceptable.  Or decide that I’m a security risk at the last minute.

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

10 responses so far

10 Responses to “What would you ask the Department of Homeland Security Secretary?”

  1. Richard E. Bakeron 10 Nov 2008 at 6:47 pm

    How does any one get into jobs that require security clearances… if there are no jobs that will sponsor security clearances…

  2. Christofer Hoffon 10 Nov 2008 at 7:01 pm

    {copied from my Twitter response to you}

    My question would be: given all of the high profile security issues we have, the fact that the leadership in our country is in transition, the economy is in shambles inviting all sorts of additional pressures on our strapped resources and our military/homeland security are fighting two wars, is a blogger roundtable REALLY the best thing you can be spending tax payer money on!?

    Really?

    Good luck with that one, Martin… 😉

    /Hoff

  3. Christofer Hoffon 10 Nov 2008 at 7:08 pm

    Oh, one more thing…he’s hosting a security bloggers roundtable on Veteran’s Day!?

    Wow.

  4. Chaitanya Sagaron 10 Nov 2008 at 7:10 pm

    My question would be: How do you use the new age media to enhance security? Can you give specific examples?

    You could also suggest using blogs to get tip offs about security issues.

    Chaitanya
    CEO, http://www.p2w2.com

  5. Rockyon 10 Nov 2008 at 7:24 pm

    I would ask about a couple of programs and have the plans articulated a bit more robustly.

    1. Einstein v1 is essentially netflow and log management at a very basic level providing session data across departments. It is valueable but only to a very limited extent. According to press reports Einstein v2 adds basic (and limited scale) IDS functionality, but what is the end goal for the program? Why not go for full packet reconstruction on a more aggressive timescale?

    2. Trusted Internet Connection (TIC): What is the end goal of TIC? Is the goal to create a NIPR or SIPR-like environment for Federal / Civilian Agencies where data is “classified”, or is it simply a plan for a more robust, sustainable government network in case of civilian Internet outages?

    3. Government/Commercial cooperation – on the civilian side we need better protection provided by the government – how can we help the government deliver those services? Current day Information sharing is not completely useless but it is certainly delayed, insufficient and no where near the level of robustness that those who aim to attack our networks enjoy. What other plans are there from a DHS perspective to enable the civilian sector (or to better align and communicate with them in a collaborative manner)?

  6. Rocky DeStefanoon 10 Nov 2008 at 8:15 pm

    Martin,
    I got tired of my reply timing out – so I posted my response to my blog….

    http://blog.decurity.com/index.php/dec_template/more/dhs_blog_round_table/

    Enjoy the session!

    Rocky

  7. Martinon 10 Nov 2008 at 10:45 pm

    Folks, I have comment moderation turned. Akismet catches 95% of the comment spam, but it also flags any comment it can’t determine, leaving it up to me to review. Sorry, I was away from my computer for most of the evening.

    I see a number of very good questions. And a couple by Rocky that I’ll need to expand my own vocabulary before I can fully understand them. I’ve never heard of the first two programs he mentions. I’ll hand those over to George Ou.

    Keep them coming if you’ve got them. I don’t know how many questions we’ll get to ask. I don’t know if they’ll allow twitter during his talk, but I’ll try.

    Martin

  8. Martinon 11 Nov 2008 at 6:15 am

    Here are some of the responses I got from Twitter last night concerning Secretary Chertoff. I am not responsible for the content, don’t send the black helicopters to my house.

    davehull @mckeay Ask him if he knows what security theater is

    catalyst @mckeay I’d ask two questions: (1) what is the biggest lesson learned in working to combine DHS into a singular agency, and
    catalyst @mckeay (2) what is the largest challenge facing the next administration

    Beaker @mckeay I can’t answer your question without knowing why Chertoff is hosting a blogger roundtable…Is this really his highest priority!?
    Beaker RT from myself: WTH is Chertoff hosting a security bloggers roundtable? Is this REALLY his highest priority these days?
    Beaker Maybe Chertoff could hold a Katrina survivors roundtable? An Iraq or Afghanistan wounded veteran roundtable? A Pissing Me Off Roundtable?
    Beaker Oh, and another thing, he’s hosting a security bloggers roundtable on VETERAN’S DAY!? REALLY!? Veterans day!? WTF.
    Beaker Hello friendly DHS data mining bots…please send the water board team in the black helis on the weekend as I have the kids tomorrow, kthxby

    johndoe678 @mckeay How many terrorists have been caught due to ID checks at airports since 9/11? How many extra hours have people sat around?

  9. Martinon 11 Nov 2008 at 7:14 am

    Here are some more responses this morning from Twitter.

    rybolov @mckeay Just ask about information sharing–how do security professionals get more than just the friendly face of US-CERT?
    rybolov @mckeay infosharing is the important thing. DHS has many enemies in teh blagosphere, how can DHS make friends with them?

    amrittsering @mckeay Ask him to expose any aspect of the $17b cyber security initiative
    amrittsering @mckeay Ask him about the backdoor wiretapping into several major telecom carriers, and then ask him about the constitution
    amrittsering @mckeay Ask if there is a conflict of interest for folks like Karen Evans to mandate the use of specific security software (cont)
    amrittsering @mckeay made by companies she has discussed joining the board of (rumors, only rumors)
    amrittsering @mckeay Ask if it is in the best interest of the DoD to make public which security software they do use
    amrittsering @mckeay You can throw him some softballs so he will let you ask more – like what did you learn from Cyber Storm II?
    amrittsering @mckeay Ask what changes have been implemented to deal with “Katrina II – the reckoning” especially in terms of 1st response & cross org com
    amrittsering @mckeay 1 more – when and how will private co’s have the opportunity to tell DHS and CNCI, generally, how their technologies can help CIP?

    jeremiahg @mckeay perhaps ask why the cyber security initiatives, identical to Obama’s, never got any traction… http://doiop.com/n825qw

  10. Andrew Cooperon 02 Sep 2015 at 5:29 am

    My only question to Homeland Security Secretary is how much America protected by cyber attack? Is the law already tighter to punish hacker or it needs to be revised?

    http://devconhomesecurity.com/protect-america-home-security

Trackback URI | Comments RSS

Leave a Reply

%d bloggers like this: