What's government's role in making the Web secure?

Newsday last week published an article about government and government's role in helping to make the web more secure. A Senate committee was exploring ways to secure computer networks last week, and a provision to give the president the power to shut down Internet traffic to compromised Web sites in case of an emergency, immediately set off some alarms. Apparently, corporate leaders and privacy advocates quickly objected, saying the government should not seize control of the Internet.

The lawmakers dropped the issue, but the discussion on the topic continues.

From Newsday:

How much control should federal authorities have over the Web in a crisis? How much should be left to the private sector? It does own and operate at least 80 percent of the Internet and argues it can do a better job.

"We need to prepare for that digital disaster," said Melissa Hathaway, the former White House cybersecurity adviser. "We need a system to identify, isolate and respond to cyberattacks at the speed of light."

So far at least 18 bills have been introduced as Congress works carefully to give federal authorities the power to protect the country in the event of a massive cyberattack. Lawmakers do not want to violate personal and corporate privacy or squelching innovation. All involved acknowledge it isn't going to be easy.

For most people, the Internet is a public haven for free thought and enterprise. Over time it has become the electronic control panel for much of the world's critical infrastructure. Computer networks today hold government secrets, military weapons specifications, sensitive corporate data, and vast amounts of personal information.

Included in the backlash against the proposal were responses like these:

"The government needs to get its own cybersecurity house in order first before it tries to tell the private sector what to do," said Gregory T. Nojeim, senior counsel for the Center for Democracy and Technology.

Nojeim said the Senate Commerce Committee bill appears to leave "tough questions to the president, and that isn't comforting because some presidents will answer those questions in troubling ways."

While these issues are pondered, there remains one major problem to government control of the Internet:

Shutting down a compromised system may sound like a good idea, but "it's not like the Internet has an on-off switch somewhere you can press," said Franck Journoud, manager of information security policy for the Business Software Alliance.

While the government may not have an on-off switch, each organization that has access to the Internet should. If there truly were a network emergency, could you shut down access ot the Internet for your web-users? Having a proxy infrastructure would give an easy point access of turning off access to the Internet, and another good reason to have web proxies if you don't already.