With this great opening:
There’s a delicious irony in some of the testimony on cybersecurity that the Senate Homeland Security and Governmental Affairs Committee will hear today (starting at 2:30 Eastern — it’s unclear from the hearing’s page whether it will be live-streamed). Former National Security Agency general counsel Stewart Baker flubs a basic mathematical concept.
If Congress credits his testimony, is it really equipped to regulate the Internet in the name of “cybersecurity”?
Baker’s written testimony (not yet posted) says, stirringly, “Our vulnerabilities, and their consequences, are growing at an exponential rate.” He’s stirring cake batter, though. Here’s why.
Jim Harper then expounds on the difference between exponential and linear growth, the difference between “threats” and “vulnerabilities,” and deliciously illustrates why government fearmongering is as misguided and unhelpful as ever.
Politicians rarely understand what they are legislating on, and it is unfortunate how they never let that affect their judgement.
Do your representatives in Congress get the math involved here? Do they know the difference between exponential growth and linear growth? Do they “get” risk management? Chances are they don’t. They may even parrot the “statistic” that Baker is putting forth. How well equipped do you suppose a body like that is for telling you how to do your cybersecurity?