Back on Sept 18 we criticized presidential candidate Jeb Bush, FBI Director James Comey, and other politicians for complaining that encryption was making it too hard to fight the “evil doers” and suggesting that some sort of “master key” or “backdoor” was needed by law enforcement and intelligence services to do their jobs. We of course disagreed.
Around the same time that article was published, Jeb Bush posted to his blog that it was time for us to stop criticizing the NSA. He said:
The National Security Agency and Cyber Command are on the front lines of defending the United States against cyberthreats. We must stop demonizing these quiet intelligence professionals and start giving them the tools they need. The Federal Bureau of Investigation also needs more resources to fight back against the onslaught of cybercrime.
To his credit, Mr Bush is a bit of a cybersecurity wonk, and has done his homework and has a bit of expertise in this area. He points to the recent exfiltration of employee data from the government’s Office of Personnel Management, and the increasing barrage of criminal and state sponsored cyber attacks against American businesses. He provided some frightening statistics; that 5 out of 6 large US businesses were hit by spearphishing attacks last year, and a 26% and 30% increase in attacks against small and medium sized businesses.
He says that the NSA and FBI need to be given more resources to combat these cyber-attacks, even if it means more governmental intrusion into the lives of US citizens.
I appreciate that Mr Bush is opening a dialog on this important topic. It’s about time that this subject became a public debate. Frankly, since he actually has some technology and cybersecurity chops, I would support his candidacy over many of the other more technically challenged candidates in the race, if only he wasn’t so eager to turn even more power over to law enforcement and intelligence agencies.
I am curious what your opinion is on this matter, so please feel free to leave your comments.
More information –
ShareOCT
About the Author:
I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com