Of most concern to me as someone who works in cyber is the fact that the Center for Information Security was the middle-man who took the request from the SoS office and forwarded to Twitter for action.
CIS is a non-profit who's mission is to "make the connected world a safer place by developing, validating, and promoting timely best practice solutions that help people, businesses, and governments protect themselves against pervasive cyber threats." Anyone working in cyber or info sec is familiar with their work as they provide guidance on how to protect info systems. I've used their guides for years.
Now why does does a trusted non-profit maintain a mailbox for "misinformation", and what role are they playing in internet censorship? The information security business is supposed to be completely objective. It’s a complete breach of trust. Then again tell that to CrowdStrike.
I have been out of IT for a good long while now but this is the result of how the nation shifted away from the proverbial "IT Departments".
Instead of CompanyA doing its own thing, they find that for whatever reason it's better to have CompanyX,Y,Z do it for them. (This concept applies in all sorts of things today; not just IT)
There are companies today whose only source of customer communication (sometimes internal communication!) is through a tweet or reddit or discord.
Except in the case, with CIS and many others, it's the federal government that have out sourced what they should be doing in an effort to "save money" or "to be neutral". These non profits or ngos end up costing unlimited money and are almost always run by evil phsycos or useful idiots.
Finally to finish the example above, the outsourced "CompanyX,Y,Z" now have so much business they become the "de-facto" thing in their field. They provide all the service, create all the tools, implement all the standards, attaching itself to everything it can.
Totally agree. I found a "Rumor Control Page Startup Guide" on CISA’s Mis-, Dis-, and Malinformation (MDM) portal which says "CIS can be leveraged to report real-time MDM via email at [email protected]."
So, through some kind of agreement CISA, which is a Department of Homeland Security Agency, is outsourcing "election misinformation control" to CIS.
https://www.cisa.gov/sites/default/files/publications/rumor-control-startup-guide_508.pdf
I 'member seeing that too.
One of the first things I asked my boss when I was hired in IT was “why the fuck do you pay for AWS when you have the infrastructure”.
His response: “let Amazon deal with maintenance”
There is no such thing as "Trusted non-profit"
Agreed. However I’ve been working in infosec for about 20 years and CIS has always been the go to for help. So much so that degree programs refer to them as being “trusted”.
I understand. But as you know in your field, the "trusted" designation of vendors like this is usually based on successful validation of their software or processes or certificates they obtain/provide to clients. Has nothing to do with their morals or political biases.
True. I see this as a situation where a "trusted" organization has leveraged it's reputation. If I had to speculate they probably got a pile of money as a "grant" or something.
Good, probably important, question. o7
Agree
If we are talking about businesses that are supposed to be completely objective, but were subverted by the enemy, this has to join a long long long list.
the word "cyber". Stopped reading right there. It's for non-technical people and managers that are out of their depth.
Sorry to confuse you. The technology is not the point, it’s the fact that info sec and “cyber” is supposed to be totally objective and independent. Beyond securing systems, audits, etc we should be nowhere near the “controlling misinformation” business.
Everything after that I read in Mike Lindell's voice
Yes!