$20.00
jeremy cobert
United States
cedar rapids
Iowa
flag msg tools
mbmbmbmbmb
You really cant make this stuff up. I wonder if they are hiring based on quotas,political favors or something else entirely.

I know they non tech people will look at their titles and say something stupid like "but they work in IT!" but none of them are actual cybersecurity experts. And yes, there is a major difference.

Quote:
Democratic National Committee Creates A 'Cybersecurity Board' Without A Single Cybersecurity Expert from the this-is-not-good dept.

The Democratic National Committee, still reeling from the hack on its computer system that resulted in a bunch of leaked emails and the resignation of basically all of its top people, has now created a "cybersecurity advisory board" to improve its cybersecurity and to "prevent future attacks."

“To prevent future attacks and ensure that the DNC’s cybersecurity capabilities are best-in-class, I am creating a Cybersecurity Advisory Board composed of distinguished experts in the field,” interim DNC Chairwoman Donna Brazile wrote in a memo. “The Advisory Board will work closely with me and the entire DNC to ensure that the party is prepared for the grave threats it faces—today and in the future.”

Sure. That sounds like a good idea. But, then there's this:

Members include
Rand Beers, former Department of Homeland Security acting secretary; Nicole Wong, former deputy chief technology officer of the U.S. and a former technology lawyer for Google and Twitter;
Aneesh Copra, co-founder of Hunch Analytics and former chief technology officer of the U.S.;
Michael Sussmann, a partner in privacy and data security at the law firm Perkins Coie and a former Justice Department cybercrime prosecutor.


https://www.techdirt.com/articles/20160815/09190935246/democ...
2 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Moshe Callen
Israel
Jerusalem
flag msg tools
designer
ἄνδρα μοι ἔννεπε, μοῦσα, πολύτροπον, ὃς μάλα πολλὰ/ πλάγχθη, ἐπεὶ Τροίης ἱερὸν πτολίεθρον ἔπερσεν./...
badge
μῆνιν ἄειδε θεὰ Πηληϊάδεω Ἀχιλῆος/ οὐλομένην, ἣ μυρί᾽ Ἀχαιοῖς ἄλγε᾽ ἔθηκε,/...
mbmbmbmbmb
I've not looked into it but this looks on the surface like a valid criticism as far as it goes. Of course neither party seems to like people who know what the heck they're talking about on any issue when they're politicking. Whether it's guns, abortion, the Middle East, or less lionized issues like cybersecurity, American politicians (who are not unique in this regard BTW) are allergic to informed advice except where it conforms to their preconceived opinions.
6 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Born To Lose, Live To Win
United States
Cleveland Heights
Ohio
flag msg tools
mbmbmbmbmb
It looks more like a team that deals with the fallout of a post-cybersecurity event. They are for damage control and CYA, not prevention.
3 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Boaty McBoatface
England
County of Essex
flag msg tools
mbmbmbmbmb
TheChin! wrote:
It looks more like a team that deals with the fallout of a post-cybersecurity event. They are for damage control and CYA, not prevention.
+Yes, looks like a legal team, but I cannot help but wonder why this is better then prevention.

But then of course this does not preclude that, the "board" can hire experts...now I wonder what kind of organization hires experts to advise "the board"?
1 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Josh
United States
Pennsylvania
flag msg tools
mbmbmbmbmb
The board sounds like people who are in the loop about the broad strokes, likely they'll be consulting and hiring people to do the actual work. We've got nutrition experts on hand at the university. They don't cook the food.
13 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Steven Woodcock
United States
Unspecified
Unspecified
flag msg tools
mbmbmbmbmb
jeremycobert wrote:
You really cant make this stuff up. I wonder if they are hiring based on quotas,political favors or something else entirely.

I know they non tech people will look at their titles and say something stupid like "but they work in IT!" but none of them are actual cybersecurity experts. And yes, there is a major difference.

Quote:
Democratic National Committee Creates A 'Cybersecurity Board' Without A Single Cybersecurity Expert from the this-is-not-good dept.

The Democratic National Committee, still reeling from the hack on its computer system that resulted in a bunch of leaked emails and the resignation of basically all of its top people, has now created a "cybersecurity advisory board" to improve its cybersecurity and to "prevent future attacks."

“To prevent future attacks and ensure that the DNC’s cybersecurity capabilities are best-in-class, I am creating a Cybersecurity Advisory Board composed of distinguished experts in the field,” interim DNC Chairwoman Donna Brazile wrote in a memo. “The Advisory Board will work closely with me and the entire DNC to ensure that the party is prepared for the grave threats it faces—today and in the future.”

Sure. That sounds like a good idea. But, then there's this:

Members include
Rand Beers, former Department of Homeland Security acting secretary; Nicole Wong, former deputy chief technology officer of the U.S. and a former technology lawyer for Google and Twitter;
Aneesh Copra, co-founder of Hunch Analytics and former chief technology officer of the U.S.;
Michael Sussmann, a partner in privacy and data security at the law firm Perkins Coie and a former Justice Department cybercrime prosecutor.


https://www.techdirt.com/articles/20160815/09190935246/democ...




Hmmmm..........


Ferret
 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Chris
United States
Sandy Springs
Georgia
flag msg tools
mbmbmbmbmb
jeremycobert wrote:
You really cant make this stuff up. I wonder if they are hiring based on quotas,political favors or something else entirely.

I know they non tech people will look at their titles and say something stupid like "but they work in IT!" but none of them are actual cybersecurity experts. And yes, there is a major difference.

Quote:
Democratic National Committee Creates A 'Cybersecurity Board' Without A Single Cybersecurity Expert from the this-is-not-good dept.

The Democratic National Committee, still reeling from the hack on its computer system that resulted in a bunch of leaked emails and the resignation of basically all of its top people, has now created a "cybersecurity advisory board" to improve its cybersecurity and to "prevent future attacks."

“To prevent future attacks and ensure that the DNC’s cybersecurity capabilities are best-in-class, I am creating a Cybersecurity Advisory Board composed of distinguished experts in the field,” interim DNC Chairwoman Donna Brazile wrote in a memo. “The Advisory Board will work closely with me and the entire DNC to ensure that the party is prepared for the grave threats it faces—today and in the future.”

Sure. That sounds like a good idea. But, then there's this:

Members include
Rand Beers, former Department of Homeland Security acting secretary; Nicole Wong, former deputy chief technology officer of the U.S. and a former technology lawyer for Google and Twitter;
Aneesh Copra, co-founder of Hunch Analytics and former chief technology officer of the U.S.;
Michael Sussmann, a partner in privacy and data security at the law firm Perkins Coie and a former Justice Department cybercrime prosecutor.


https://www.techdirt.com/articles/20160815/09190935246/democ...


Come on man, you know that IT management rarely knows anything about actual IT. Did you watch that hearing when the government had the OPM security breach and the bunch of management ass clowns they paraded in front of Congress who didn't know shit. This is par for course, well maybe a little worse because it's politicians. Why do they need 5 people instead of 1? So 5 people can collect some bank instead of just one person. They're all looking for their slice of the pie.
3 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
jeremy cobert
United States
cedar rapids
Iowa
flag msg tools
mbmbmbmbmb
Shadrach wrote:
The board sounds like people who are in the loop about the broad strokes, likely they'll be consulting and hiring people to do the actual work.




no, stop it. You nutters are always the first to jump on someone who is not an expert in their field on pretty much any issue.


Shadrach wrote:
We've got nutrition experts on hand at the university. They don't cook the food.


This would like hiring the 16 year old french fry kid from McDonald's and putting him in charge of your companies nutritional program because he can cook and his dad gave you a shit ton of money.
1 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Erik Henry
United States
Manvel
Texas
flag msg tools
mbmbmb
Yeah! At least Trump has two economists among his twenty-two economic advisers.
1 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Andy Leighton
England
Peterborough
Unspecified
flag msg tools
mbmbmbmbmb
jeremycobert wrote:
Shadrach wrote:
The board sounds like people who are in the loop about the broad strokes, likely they'll be consulting and hiring people to do the actual work.


no, stop it. You nutters are always the first to jump on someone who is not an expert in their field on pretty much any issue.


Oh come on. Shadrach has a fair point. How many people on the board of Microsoft or Apple has actually done any software development in the recent times?

But it also depends what exactly the remit of the Cybersecurity Board is. The people might be the right people or they might not, but that could be equally true if you picked people actively working in the field.
3 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Born To Lose, Live To Win
United States
Cleveland Heights
Ohio
flag msg tools
mbmbmbmbmb
andyl wrote:
Oh come on. Shadrach has a fair point. How many people on the board of Microsoft or Apple has actually done any software development in the recent times?

But it also depends what exactly the remit of the Cybersecurity Board is. The people might be the right people or they might not, but that could be equally true if you picked people actively working in the field.
On the flipside, If GM, Ford and Chrysler had actual automotive engineers on their boards, the U.S. auto industry might not be a shadow of its former self.
4 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Tom McVey
United States
SF Bay Area
California
flag msg tools
mbmbmb
TheChin! wrote:
It looks more like a team that deals with the fallout of a post-cybersecurity event. They are for damage control and CYA, not prevention.


That's possible, it's also possible that the DNC is doing a more profound overhaul of their security and is not doing a short-term fix.

Given the sophistication of the expected attackers the DNC faces, trying to prevent any possible breach of security from the outside may be of limited value, and the best strategy may be to try to limit the damage a bad actor can do after a breach has happened.

But if you do that, then you are going to severely limit the sharing of information within the organization and the way they do their work.

Security is all about saying "no" to certain people who want access, and the first time you deny or severely restrict a congressman's campaign staff direct access to XYZ voter/donor database someone powerful will get upset.

That's a hard internal sell, and having heavy policy hitters may be a better way to effectively deliver that message to the DNC middle management before you put the network plumbers on the job. Architects first, then the carpenters.

Also, what Shadrach said. The lineup of folks who've held senior positions suggests they'll get their calls returned when the security contract goes out to bid.
3 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
J.D. Hall
msg tools
First off, this isn't government -- it's the Democratic National Party.

Second off, sure the members listed above have zero experience in actual coding and programming. But the kind of people who can do that can't be bothered to attend meetings -- they're off in some cubby hole crunching and crunching while wolfing down pop tarts and waiting for the next Pokémon Go game to start.
1 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Andrew Bartosh

Sunnyvale
California
msg tools
mbmbmbmbmb
galad2003 wrote:
Come on man, you know that IT management rarely knows anything about actual IT. Did you watch that hearing when the government had the OPM security breach and the bunch of management ass clowns they paraded in front of Congress who didn't know shit. This is par for course, well maybe a little worse because it's politicians. Why do they need 5 people instead of 1? So 5 people can collect some bank instead of just one person. They're all looking for their slice of the pie.


In all seriousness, while 5 might be excessive, would 1 actually be the right choice to go with here? This seems more like the sort of thing you'd still want a small team for, particularly if it extends beyond actual, "physical" cybersecurity.

That said, article seems to nail it pretty well.
 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
United States
Boise
Idaho
flag msg tools
mbmbmb
remorseless1 wrote:
First off, this isn't government -- it's the Democratic National Party.

Second off, sure the members listed above have zero experience in actual coding and programming. But the kind of people who can do that can't be bothered to attend meetings -- they're off in some cubby hole crunching and crunching while wolfing down pop tarts and waiting for the next Pokémon Go game to start.


That's factually incorrect and little more than an idiotic portrayal of an entire technical field as kids in basements getting as fat as RSP Liberals while playing the game RSP liberals are ashamed to admit they play.

I have a kid who is a "cyber security expert" and I assure you that he almost never plays any games, is physically fit, wouldn't touch a pop tart if you paid him, loves guns and whiskey and spends his time keeping the confidential data of his clients secure and their servers up and accessible. Others I know in the field (mainly via him) are neither grubbing in some cubbyhole, swiping Pokemon or avoiding work. How do you think the fucking Russian hackers don't already own your bank account?

I do see a problem with the board the article cited in the OP. It's stupid and dangerous to create a board to insure highly technical security is attained and staff it with political operatives, donation bundlers and ideological hacks. They need experts if they intend to secure their data, not insiders and ass kissers.


1 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Chris
United States
Sandy Springs
Georgia
flag msg tools
mbmbmbmbmb
AndrewRogue wrote:
galad2003 wrote:
Come on man, you know that IT management rarely knows anything about actual IT. Did you watch that hearing when the government had the OPM security breach and the bunch of management ass clowns they paraded in front of Congress who didn't know shit. This is par for course, well maybe a little worse because it's politicians. Why do they need 5 people instead of 1? So 5 people can collect some bank instead of just one person. They're all looking for their slice of the pie.


In all seriousness, while 5 might be excessive, would 1 actually be the right choice to go with here? This seems more like the sort of thing you'd still want a small team for, particularly if it extends beyond actual, "physical" cybersecurity.

That said, article seems to nail it pretty well.


I would want one person in charge, you can hire as many advisers or team members as you want. But a committee of people making decisions is pointless, which is how this reads to me. This is just my opinion of course.
1 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
J.D. Hall
msg tools
DWTripp wrote:
remorseless1 wrote:
First off, this isn't government -- it's the Democratic National Party.

Second off, sure the members listed above have zero experience in actual coding and programming. But the kind of people who can do that can't be bothered to attend meetings -- they're off in some cubby hole crunching and crunching while wolfing down pop tarts and waiting for the next Pokémon Go game to start.


That's factually incorrect and little more than an idiotic portrayal of an entire technical field as kids in basements getting as fat as RSP Liberals while playing the game RSP liberals are ashamed to admit they play.

Thought people would understand it was sarcasm, you know, as in "all cops love doughnuts." Forget to take your humor pill this morning?
1 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Andrew Bartosh

Sunnyvale
California
msg tools
mbmbmbmbmb
galad2003 wrote:
AndrewRogue wrote:
galad2003 wrote:
Come on man, you know that IT management rarely knows anything about actual IT. Did you watch that hearing when the government had the OPM security breach and the bunch of management ass clowns they paraded in front of Congress who didn't know shit. This is par for course, well maybe a little worse because it's politicians. Why do they need 5 people instead of 1? So 5 people can collect some bank instead of just one person. They're all looking for their slice of the pie.


In all seriousness, while 5 might be excessive, would 1 actually be the right choice to go with here? This seems more like the sort of thing you'd still want a small team for, particularly if it extends beyond actual, "physical" cybersecurity.

That said, article seems to nail it pretty well.


I would want one person in charge, you can hire as many advisers or team members as you want. But a committee of people making decisions is pointless, which is how this reads to me. This is just my opinion of course.


That's fair. To my own detriment, I kind of defacto assume one actual head (or that they have immensely split responsibilities).
 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Front Page | Welcome | Contact | Privacy Policy | Terms of Service | Advertise | Support BGG | Feeds RSS
Geekdo, BoardGameGeek, the Geekdo logo, and the BoardGameGeek logo are trademarks of BoardGameGeek, LLC.