Austin Bay
On Feb. 4th, the Senate Homeland Security and Governmental Affairs committee's minority staff released a 19-page assessment entitled "The Federal Government's Track Record on Cybersecurity and Critical Infrastructure." Retiring Sen. Tom Coburn (R-Oklahoma) sponsored the assessment. The footnoted assessment draws on more than 40 agency audits and inspector general reviews.

Coburn's short and readable document supports its high-tech horror story with vivid, near-slapstick examples of bonehead stupidity and reckless laziness magnified by supervisor irresponsibility and senior leader neglect.

Slapstick and bonehead by "The Three Stooges" is comedy. Persistent, uncorrected cybersecurity errors by agencies handling extremely sensitive information is a scandal with the potential for tragedy.

By reputation, the Nuclear Regulatory Commission is a tech-savvy organization. When President Gerald Ford signed the NRC's authorizing legislation, he said that licensing and regulating the civilian use of nuclear materials is a complicated job with "special potential hazards."

Nuclear reactors must be protected from earthquakes, terrorists and cyber attacks on the computers monitoring their output. However, investigators discovered that the NRC "stored sensitive cybersecurity details for nuclear (power) plants on an unprotected" computer. Storing security data for reactor computers on a non-secure computer is beyond bonehead. Moreover, the computer drive was "shared"; several offices could access the defenseless data. Cyberthieves and spies had multiple routes; lousy security in one office undermined tight security elsewhere. Ultimately, the report condemns the NRC's information technology experts for "perceived ineptitude."

On to money. Regulating and insuring the integrity of US stock markets is a central function of the SEC However, the SEC "routinely exposed extremely sensitive" New York Stock Exchange computer network data, including cybersecurity methods and procedures. The 2013 hack on Target stores compromised customer data and financially damaged the discount chain. The NYSE is a bigger target than Target. Hacking the Big Board wreaks global financial damage. Bonehead security sloppiness at the SEC, the NYSE's chief government regulator and policeman, gave hackers and terrorists the inside skinny on the market's IT defenses.

Austin Bay

Austin Bay is the author of three novels. His third novel, The Wrong Side of Brightness, was published by Putnam/Jove in June 2003. He has also co-authored four non-fiction books, to include A Quick and Dirty Guide to War: Third Edition (with James Dunnigan, Morrow, 1996).
Be the first to read Austin Bay's column. Sign up today and receive delivered each morning to your inbox.

©Creators Syndicate