VRSN, Azure logging, cybersecurity exec order, NSA data center


SO the US did nothing other today than it promised a while ago: start to build an next generation comsec economy. This follows the Api economy (that failed). The comsec economy is a cold war gamble – and likely  to succeed.

image

http://www.nasdaq.com/symbol/vrsn/real-time

The chart of VeriSign’s stock price is one indicator of the  just how well the plan is working; since DNS authority is at the heart of metadata scanning, in the new world of the comsec economy.

WE can point out Azure machine learning tools, too – the raw infrastructure of processing huge numbers of (rather mundane) log file events. Of course, events that log activity are better known as metadata.

image

http://azure.microsoft.com/en-us/services/machine-learning/

The focus by Microsoft on this area is similar to the focus a few years ago on office 365 infrastructure – assuming that government agencies would eventually outsource their (legacy) mail and intranet servers (and voice switches, ideally). This time, the assumption is that each such agency will be outsourcing its log processing,

The executive order binding stooge companies (bank of America, my bank, amongst them) to the federal initiative to collect log statistics, apply machine learning, and specifically predict cyber attacks aimed at American private firms… is now a reality. This has been in the works for years.

image

http://www.whitehouse.gov/the-press-office/2015/02/12/fact-sheet-executive-order-promoting-private-sector-cybersecurity-inform

A word of warning on that initiative, since it sounds almost identical to the post clinton exec order, after FBI were denied mandatory key escrow: the establishment of a MITRE-led initiative to create the metadata scanning program (instead).

In the audit arena, folks have been gearing up for this cybersecurity focus for a while, led by the revitalized FISMA process:

image

http://csrc.nist.gov/groups/SMA/fisma/Risk-Management-Framework/index.html

note how the changes or orientation towards cybersecurity –motivated logging are now downplayed, in light of increased public understanding of metadata scanning threats. Its quite hard now to linkup fisma (revised) with fedramp:

image

http://www.gsa.gov/portal/category/102375

one notes the outcome of the NSA vs DHS war, on who is to control metadata scanning!

image

http://www.dhs.gov/news/2010/11/18/dhs-highlights-two-cybersecurity-initiatives-enhance-coordination-state-and-local

of course, this is all dominated by the investment in Utah

image

https://nsa.gov1.info/utah-data-center/

All of which goes back years, to the decision to use subversion (of internet security programs) rather than mandatory key escrow.

image

https://www.schneier.com/crypto-gram/archives/1999/1015.html

Advertisements

About home_pw@msn.com

Computer Programmer who often does network administration with focus on security servers. Very strong in Microsoft Azure cloud!
This entry was posted in Computers and Internet. Bookmark the permalink.