We desperately need actual cybersecurity experts in government
Are you tried of unfair tech company monopolies, billing practices, rising online privacy issues and data breaches – blame the Congressional tech knowledge gap. The US Congress doesn’t have enough educated computer scientists in it to actually understand and draft public policies and protections that are based on modern computer science and driven by objective-based strategy. People without formal computer science and industry information technology education attempting to discuss computer security issues and draft policies they don’t understand. Identify theft, data beaches, unfair tech industry practices, and personal privacy issues will only increase, until we address the lack of expertise and resulting failed policies.
Where’s the Expertise?
Nearly everything in our lives today involves computers and internet communications. You would think that the US government would recognize this by maintaining significant amounts of technical expertise (people with extensive computer science and technology degrees, industry tech certifications, and relative work experience credentials) within its ranks. At one point in 2016 only 4 people in Congress had been identified as having computer science-related degrees. How can you discuss or make policy on an issue you don’t understand?
A recent 2015 government report says a majority of US government agencies are failing with cybersecurity. This problem extends to private industries as well. At least 74% of US firms fail cybersecurity readiness tests, according to a report. Our cybersecurity policies are literally failing us.
Cybercrime costs the US and individuals hundreds of millions of dollars each year. If you factor in all of the related expenses, it comes out to billions in cost. This doesn’t include the personal stress of being a victim of identity theft, loss of online privacy, or other data beaches that are becoming common. If you’re not protecting yourself, it seems nobody else is helping you at the moment.
Consumers are not being represented as well as they could be. After the Facebook data privacy debacle, nothing happened. Congress had no clue and the general public didn’t have the technical understand to fully grasp what had happened either. What about the credit rating company debacle? What about the phone call registry? Failure after failure leaves the American consumer vulnerable and paying more than ever before. Ever been sick of internet service monopolies or unfair cellphone billing practices? Even the New York Times reported that a lack of technical expertise is probably the reason why consumer electronics industries are poorly regulated – and consumers are paying the price. There’s a knowledge gap in Congress.
Because Congress lacks the scientific and technical expertise within its own body, it basically relies on outside lobbyists to entice them into various actions. After all, when you can’t think for yourself, someone else has to do that part for you. That’s bad news for the general public.
Of the 15,000-something staff in Congress, some say they were aware of only about six individuals that have technology-related backgrounds. This is about the same estimate from this report, stating among the actual 535 members of Congress in 2016, only four with computer science-related degrees were identified. That’s insane. We’ve got a problem.
But there might be some hope in the near future. At least 10 new people with science-related credentials were elected to the 116th Congress. Even though there is some hope, this isn’t enough. Lack of knowledge is a serious problem. This is a body that lacks science and technology expertise – and it shows. Although senators and representatives discuss and draft policies regarding cybersecurity, almost none of them have the computer science expertise to deeply understand the issues. The total lack of expertise means the blind are leading the blind. Policies and procedures are bound to fail when they are developed by non-experts with little to no input from actual computer scientists and impartial cybersecurity experts.
Congress Killed Science and Tech in 1995
But this problem isn’t new and isn’t just the failure of the Trump administration. It’s also the failure of previous administrations to recognize and embrace the importance of science and technology expertise in government. Nearly two decades ago, the Office of Technology Assessment (OTA), an independent body of science and tech experts for the US, was axed by US lawmakers. The OTA closed office in September of 1995 after the 104th Congress withdrew funding for it. Since then, we’ve been lacking any significant body of science or tech expertise in US government – and it shows.
Education
Part of the problem is our educational system, including universities. I’ve personally witnessed people teaching cybersecurity courses at major US universities that lacked any kind of actual cybersecurity expertise – and it showed. Education is the first-line of defense for cybersecurity. Our colleges are where we formally train individuals to take on today’s challenges, or at least help them scientifically think and apply what they learn to solve problems. We need experts teaching future experts. When we have non-experts leading, we create non-experts and ultimately more failure. It takes years of study and experience to understand the complicated details of cybersecurity issues, ranging from data privacy, encryption, hacking, phishing, to public utility information technology and communications assets. We desperately need actual reform to fix these issues.
Reform
We need more actual science and tech experts in all levels of the government. This should be the top priority in any necessary reform efforts. Imagine the efficiency, innovation, and progress we would make with added expertise making effective policies. Imagine the benefits to consumers, your personal bank account, data security, and national security, if we had the expertise we need.
Cybersecurity involves deep understanding of computer hardware, software, networks, attack, and counter-attack techniques. This means you really need formal educational training, industry certifications, and work experience in these areas, to be considered an actual cybersecurity expert. Despite these facts, so many are being passed around as “cybersecurity experts.”
If you need an example of random people being passed off as cybersecurity experts, then look no further than Rudy Giuliani. The news headlines were kind of funny and sad at the same time. For example, “What Does Rudy Giuliani Actually Know About Cybersecurity?”, Motherboard/Vice recently wrote. This guy obviously isn’t a cybersecurity expert, he has no formal degree, certifications, or industry experience in that area – and it shows when he talks about “cybersecurity.”
Vice: “Donald Trump wants Rudy Giuliani to solve cybersecurity, but is he the right guy for the job?”
Mediate: ‘Cybersecurity Expert’ Rudy Giuliani Mocked For Having No Idea How Twitter URLs Work
Tech Dirt: “Rudy Giuliani’s Paranoid Nonsense Tweet Is A Good Reminder That We Need Actual Cybersecurity Experts In Government”
Electing scientifically-literate public officials is a good start. Hiring well-educated computer experts at our companies is a good step in the right direction. Reform in Congress should absolutely mean a focus on maintaining high numbers of science and tech experts within its ranks. Without reform and addressing the lack of knowledge issues, we will continue to see major consumer data breaches, corporate hacking, unfair tech practices, outrageous tech billing, and poor infrastructure problems. It’s in all of our best interests to see to it that science and tech are top priority for our government and educational systems.
Be sure to share, like, and subscribe to our new social media (YouTube, Facebook, Twitter) for free giveaways. Lots of cool science and tech content coming soon.
More about author.