Chairman Rockefeller elevates cybersecurity to a major priority — Protecting the cybrastructure
March 19, 2009
The cybrastructure is everything that can be digitally connected to the Internet, and the cybrastructure is increasingly vulnerable to cyber attack from hackers, criminals, terrorists and other bad actors. The exploding growth in people, devices, information, and systems connected to the Internet, naturally creates an exponential increase in vulnerabilities that bad actors can exploit. This makes cybersecurity an increasingly urgent priority.
- Many think of cybersecurity as protecting users, organizations, computers, devices, and private/sensitive information, but it is much more. More and more, cybersecurity is about protecting critical systems too; our banking, capital markets, and e-payment systems; our electrical grid and utilities; our health care infrastructure; our public safety and military systems; etc. — that all can be accessed or hacked by a wide variety users, organizations, computers, and devices.
- The cybrastructure now is the vulnerable soft underbelly of our economy and society.
Fortunately, the security and safety of the cybrastructure is finally getting the priority attention it deserves.
- Today, Chairman Rockefeller of the Senate Commerce Committee said: “It is an understatement that cybersecurity is one of the most important issues we face.” Given the serious distress of the world economy, that is saying something. Chairman Rockefeller said he was not being “alarmist,” but that he knew what he was talking about since he was just previously Chairman of the Senate Intelligence Committee 2007-2009.
- Yesterday, at the confirmation hearing for the Commerce Secretary nominee, Gary Locke, Chairman Rockefeller called cybersecurity the “number one threat” to the nation’s security and Mr. Locke agreed that cybersecurity is “obviously of utmost importance” — per coverage by Washington Internet Daily.
Please consider this very surprising question that Chairman Rockefeller pondered publicly yesterday: “It almost makes you ask the question, ‘Would it have been better if we hadn’t invented the Internet?
- Wow. Why would a widely-respected, seasoned and even-keeled U.S. Senator raise such a provocative question? The obvious answer is that his extensive experience as Chairman of the Senate Intelligence Committee strongly suggests to him that the wide open nature of the Internet creates extremely serious security vulnerabilities that most people don’t even begin to appreciate.
- Now the excellent question that John Markoff of the New York Times asked in the headline of his very important article: “Do We Need a New Internet?” is not the off-base question that his critics tried to imply, but is dead-on point.
- It also brings home the chilling assessment of the Internet’s original design made recently by the co-father of the Internet, and Google’s Internet Evangelist, Vint Cerf.
- “It’s every man for himself,” he says, grinning. “In the end, it seems every machine has to defend itself. The internet was designed that way.”
In sum, why is the security and safety of the cybrastructure is so critically important now?
- In the past cybersecurity was not elevated to a high enough priority.
- The explosive growth in people, devices and information connected to the Internet naturally produces an exponential increase in vulnerability points for bad actors to exploit.
- Our increasingly universal cybrastructure is arguably more important to protect than any individual infrastructure, because it is the internet’s cybrastructure that ultimately brings all digitally-enabled infrastructures and systems together into one converged omni-system.
The Flawed Economics of Broadband Open Access in the U.S.
March 17, 2009
A post by a Google policy analyst yesterday attempted to make the economic case for open access in the U.S. and suggested reasons why American infrastructure providers should embrace a mandated open network model. This proposed theory warrants a strong practical rebuttal. This proposed case for the economics of open access does not hold up to close scrutiny, because it has fatal flaws in both logic and economics.
I. The fatal flaw in logic in the case for the economics of open access:
Since the post assumes broadband markets everywhere are basically the same, it concludes that the open access experience in some European countries is relevant and applicable to the U.S. situation. The fatal flaw in logic here is the core assumption that European and U.S. markets are factually analogous. They are not. They are substantially different factually and structurally as I will explain in detail.
First, the U.S. broadband market is the only market in the developed world where the “incumbent telecom companies” do not have a majority/dominant share of the broadband access market already. According to the latest FCC data “incumbent telecom companies” have a minority share of 38% of the U.S. broadband market. Unique in the developed world, U.S. cable is the broadband share leader with 48% of the broadband market per the FCC. This matters fundamentally because the open access economic case assumes the existence of, and pre-disposition to, monopoly market shares and monopoly economies of scale and scope to economically support a reseller model.
Second, the U.S. broadband market is the only market in the developing world where the incumbent telecom companies in total do not have the greatest national scale among broadband providers, and in total are not the only entities with national wire line scale and scope in their country. In the U.S., cable passes 92% of U.S. households per NCTA, and the telecom companies pass <85% per US Telecom. In another unique market structure circumstance, American telecom companies are not national-reach providers like in other developed countries. This means that American broadband companies have many times less the relative national scale and scope than their developed nation brethren do. Once again, this matters fundamentally because the open access economic case assumes the existence of, and pre-disposition to, monopoly market shares and monopoly economies of scale and scope to economically support a reseller model.
Third, the U.S. broadband market has more facilities-based, technology platform and business model competition than any other developed market in the world. The U.S. is the only developed country with a nationally-complete cable-broadband infrastructure in competition with the incumbent telecom companies. Moreover, no other developed country has four major wireless broadband competitors with national facilities-based footprints (Verizon, AT&T, Sprint, T-Mobile). No other developed nation has a strongly-funded fifth national wireless broadband/WiMax provider coming online like ClearWire. Yet again, this matters fundamentally because the open access economic case assumes the existence of, and pre-disposition to, monopoly market shares and monopoly economies of scale and scope to economically support a reseller model.
Fourth, the U.S. broadband market has more consumer-demand driven than any developed nation marketplace. Consequently, the U.S. is investing more than any developed nation in wireless broadband mobility. U.S. consumers strongly demand mobility and the facts prove it. According to the FCC, Americans have more wireless phones than wire line phones, use more wireless minutes than wire line minutes and are demanding wireless broadband more going forward in both relative and absolute terms over stationary broadband. Moreover, America’s uniquely responsive competitive system to consumer demand results in dramatically more value for American consumers than European consumers. According to FCC data, American consumers enjoy dramatically cheaper wireless rates and consequently use about four times more wireless minutes than European consumers. Thus, American consumers demand and get four times more value from wireless than European consumers do. Finally this matters, because the open access economic case assumes that a vibrant facilities-based competitive market does not or cannot exist, which the facts of the U.S. market clearly disprove.
Simply, if the U.S. and European markets are not substantially analogous in terms of market structure, economies of scale, and competitiveness of the markets, it is illogical to conclude that open access economics in the U.S. would be the same as they are in some European countries.
II. The fatal economic flaws in the case for the economics of open access:
The post by Google’s policy analyst focuses most on the Dutch KPN example and quotes KPN’s CEO who candidly embraces monopoly economics. “If you allow all your competitors onto your network, all services will run on your network, and that results in the lowest cost possible per service.” [bold added] The fatal economic flaw here is that the open access economic case assumes one national provider with monopoly share and economies of scale and scope, when no major American broadband provider has anywhere near broadband monopoly share or monopoly economies of scale or scope.
First, in proposing to impose open access economics, it begs the question which American industry/technology the Government would designate as the ‘national champion’ that would be expected to, or authorized to, accumulate monopoly broadband share… in order to achieve the necessary open access monopoly economies of scale and scope… in order to provide the lowest possible service cost to resellers like KPN does?
Would it be the current U.S. broadband leader, cable, which has never had any open access regulations or obligations historically?
Or would it be the #2 provider, the “incumbent telecom companies” which have less than half of the necessary open access economics monopoly share, and economies of scale?
Or would it be one of the four current major wireless broadband providers with much smaller broadband market share than cable or telecom, so consumers demand for mobility could be met?
This matters fundamentally because one provider needs to enjoy monopoly market share and economies of scale for open access economics to have a chance to resemble some European markets.
Second, this proposed case raises several important unanswered questions.
If the analogy of European markets is not logical and hence does not hold, where is the evidence that the assumed monopoly economies of scale required by open access will generate superior overall benefits to the consumer than competition currently delivers?
How will a mandated open access policy that assumes and requires monopoly share and economics, provide consumers with diversity of choice in technologies, business models, and mobility options that they enjoy currently?
What would happen to the stranded infrastructure and the majority of consumers that found themselves not with the government’s designated monopoly open access broadband provider?
How would the tens of billions of dollars in now unnecessary sunk alternative infrastructure costs be factored into the overall cost-benefit assessment of the wisdom of imposing a monopoly open access policy on a competitive marketplace?
Third, if the government decided to impose open access economics, but did not designate a broadband technology/competitor to be the ‘national champion’ that would be the beneficiary of monopoly economics, the perverse effect would be to practically impose unworkable infrastructure economics on all the competitors in the marketplace, because none have the requisite monopoly economies of scale and scope necessary to make open access economics work.
In the best case economics, cable or telecom providers would have less than half of the share and economies of scale or scope necessary to support workable open access economics.
In the case of the four major, facilities-based, wireless broadband providers, they would have only a small fraction of the monopoly scale and scope economies necessary to support open access resellers.
The economic reality of imposing monopoly open access economics on broadband competitors without monopoly scale would ensure that none of the existing broadband competitors could maintain their current viable economics or business model. Moreover, it would also prevent any return on investment on their expensive capital-intensive infrastructure, which in turn would end the current virtuous cycle and economic model which funds the upgrade of multiple broadband infrastructures to meet exploding demand for capacity. In addition to the real risk of discouraging the private infrastructure investment that funds 95% of the U.S. broadband/Internet infrastructure, the flawed economics of open access in a competitive market would logically put the U.S. taxpayer on the hook to make up for a going-forward private broadband investment shortfall of many tens of billions of dollars.
In sum, the proposed theory of open access economic viability depends on the fatal flaw in logic that European countries with open access are analogous to the U.S., when the evidence proves they are not at all analogous. Moreover, the open access economic case has a fatal economic flaw as well. It assumes incorrectly, that competitors with competitive shares and economics, have, or could have, monopoly shares and economies of scale, which the evidence and logic also disproves.
Is Some Internet Competition Devolving?
March 12, 2009
“eBay Retreats in Web Retailing,” the WSJ top story today, suggests some Internet competition may be devolving.
What does it mean that eBay has decided to retreat from competing in web retailing against Amazon and other online retailers of new goods, in order to focus on:
- Selling secondary-market/used goods, and
- Brokering overstocked, clearance, or out-of-season goods?
First, it is a stark reminder of the Internet’s unbeatable network effects where the strong tend to get stronger and the weak tend to get weaker.
- If eBay can’t compete against Amazon in web retailing, when it…
- Is the world’s largest online marketplace with ~84 million users and $8.5 billion in revenue;
- Has 149 million PayPal users and commands 9% share of the global e-commerce market;
- Has the 46th best global brand, twelve slots better than Amazon at 58th, per Interbrand‘s 2008 global rankings…
- … who can compete with Amazon in web retailing other than maybe WalMart?
- Moreover, if eBay forfeits the web retailing game in roughly the third inning of the nine inning game — what does that tell us about the rest of the Internet competition game?
Second, it suggests even less business model competition on the Internet going forward. There are basically three main business models on the Internet: advertising, transactions, and auction brokering and each are increasingly dominated by one player.
- eBay has 95% share of the world market for online auction listings, per Jupiter Research.
- Google has 70% share of the search advertising and search advertising syndication markets per Hitwise and the DOJ.
- Amazon has established enough of an advantage that eBay has forfeited the web retailing market.
Third, eBay’s decision to compete less directly with market leader Amazon, has some similarities with Yahoo’s ill-fated decision to compete less with Google by entering into an ad-partnership with Google. That Yahoo decision was ultimately blocked by the DOJ.
- In both cases, one of the relatively strongest and best informed competitors in a leading Internet market segment, decided to devolve competitively and cede some of their market share to the market leader.
Exit question: What does it mean for the future of Internet competition, overall and long term, if profitable Internet companies best-positioned to compete in key Internet markets choose to give up on fully competing?
America’s longstanding bipartisan policy commitment to promote broadband competition has succeeded in making broadband more affordable in the U.S. than any other country in the world according to the ITU.
- Data in a broad new study by the International Telecommunications Union (ITU) of 150 countries, show the U.S. substantially in the world lead with the lowest broadband prices as a percentage of per capita GNI. (See the tables on pages 56 and 66.)
- Interestingly, the data show broadband in the U.S. is 2.5 times more affordable than Japan, and three times more affordable than South Korea and France (p. 66).
I. This is the sixth independent study that undermines the assertion that America is not a worldwide competitiveness leader in the converging sector of Internet, broadband, communications, and information technology.
- ITU -2009: The U.S. has most affordable broadband in world.
- University of Calgary – 2009: The U.S. ranks #1 in the world in their “Connectivity Scorecard.”
- IMD Swiss Business School – 2008: The U.S. ranked #1 in the world for the 14th year in a row in the 2008 World Competitiveness Yearbook.
- World Economic Forum – 2008: The U.S. ranked #1 in competitiveness in its 2008-2009 Competitiveness Report.
- Economist Intelligence Unit: The U.S. was ranked tied for second in the world in “e-readiness” per their latest rankings.
- Neilsen – 2008: The U.S. ranked #1 of 16 countries surveyed in mobile Internet penetration.
II. Evidence/data also continues to mount that current U.S. policy promoting inter-modal competition is working. The U.S. has:
- The most affordable broadband in world per the ITU;
- The second lowest wireless prices in the developed world, save for Hong Kong, prompting ~4 times more usage in the U.S. than in Europe per the ACI.
- The only nationally-deployed alternative wireline broadband/cable infrastructure in the world.
- More major wireless broadband competitors (5: Verizon, AT&T, Sprint, T-Mobile, and Clearwire) than any country in the world.
- The most private investment in broadband infrastructure in the world, ~$120b over the last two years, and ~20 times the amount of public investment in broadband for unserved areas in the ~trillion dollar economic stimulus package.
Bottom line:
The preponderance of the evidence and independent data show that policies promoting inter-modal broadband competition are succeeding in both absolute and relative terms.
- If policymaking is truly data and evidence-driven, and policy makers look at all evidence objectively, and do not pick and choose data selectively by source or dimension, the policy case for continuing to promote broadband competition is compelling.
The data-driven case simply has not been made why America should jettison longstanding, bipartisan and successful public policy promoting broadband competition — in favor of unnecessary and risky net neutrality regulation.
- In this fragile battered economy, common sense dictates doing no harm, not creating new risk and uncertainty, and not discouraging private investment, economic growth, and job creation in one of the only relatively-healthy sectors of this deeply troubled economy.
Evidence continues to mount that the real problem on the Internet is that it is not as safe/secure as it needs to be — not the popular neutralist myth that it is not open/neutral enough. (Parts: I, II, III)
- I would be surprised, if the succinct evidence that I have assembled below, does not deeply trouble the reader.
- Moreover, it is also troubling that there is not more focus on the real and increasing problem of Internet safety/security because there is so much attention focused on making the Internet even more open and vulnerable than it already is.
The Mounting Evidence of a Growing Internet Security Problem:
- “Internet Threat: Hackers swarm bank accounts” USA Today
- “New and nasty banking trojans are on the rise on the Internet and attacking online bank accounts.”
- “U.S. not ready for Cyber Katrina” Per Obama Transition Advisor, CQ Politics
- “…it is unclear who would be in charge during a “cyber Katrina” and that the county is not ready to respond to such a situation. “Is it the FCC? Is it DHS? Is it Commerce? Is it the White House? Is it [the Department of Defense]? I don’t think anybody knows the answer to that, and that’s pretty darn scary…”
- “Attackers exploiting upatched flaw in Adobe Reader, Acrobat” WashingtonPost.com
- “…Acrobat software…contain a vulnerability that could allow attackers to take complete control over a system if the user were to open a poisoned PDF file.”
- “Black Hat; Google Gears offline data vulnerable” Information Week
- “One reason it’s so easy for an attacker is that vulnerabilities are so common. Over the three years from January 2006, through December 2008, 82% of Web sites had at least one security issue, according to WhiteHat Security, and for 63% of them, issues of high, critical, or urgent severity remain unaddressed.”
- “Thwarting an internal hacker” Wall Street Journal
- “Before he left, he slipped a logic bomb into the organization’s network…It was programmed to disable access to the server on which it was running, block any network monitoring software, systematically and irretrievably erase everything –and then replicate itself on all 4,000 Fannie Mae servers.”
- “Cyber terrorists learn how to take advantage of cyberspace” UPI.com
- “…low costs to entry, making it more attractive to terrorists … inclined to pursue low-end asymmetric strategies…”
- U.S Internet Security urgently needs new strategies” UPI.com
- “…an attack aimed solely at the United States, similar in scope to the cyberattacks suffered by Estonia in April and May 2007, could severely disrupt the U.S. economy and increase Americans’ concerns regarding their vulnerability.”
- “New culture of cyber-security needed, leaders say” Security Management
- “…the culture of safety that pervades industry could be duplicated to bolster security of the nation’s cyber infrastructure, which has grown essentially ubiquitous.”
- “Koobface worm resurfaces on Facebook, MySpace” WashingtonPost.com
- “The bogus plug-in instead installs a Trojan horse program that gives Koobface author(s) control over the infected user’s computer…the worm also hijacks the victim’s social networking account, by sending out additional invites in order to spread the worm to the victim’s friends and contacts.”
- “Facebook plagued with security problems” Times of the Internet
- “…Facebook has been hit by five distinct security problems during the past seven days.”l
- Malware Trends, Help Net Security
- “In addition to the increase in advanced Web-based attacks, we think the economic crisis will be the basis of many new attacks.”
- ”Spike in cyber attacks on U.S. Government Computers” MX Logix Security News
- “…Cybercriminals increased their attacks on federal computer networks by 40 percent last year.”
Bottom line:
Internet safety/security issues are only growing in amount and seriousness.
- Common sense dictates more focus on making the current Internet more safe and secure rather than focusing on how to make it more open and vulnerable to the Internet’s growing saftey/security problems.
