LAPD in the cross hairs
Christopher Dorner may be dead, but the police response to the crisis raises troubling questions.
The manhunt for Christopher Dorner in one sense ended successfully: Assuming that the body recovered from the burnt-out home in Big Bear is his, Dorner's rampage is over, and he won't harm anyone again. Yet it's hard to cheer an episode that left four people dead and that featured police officers firing wildly on innocent civilians in their determination to eradicate a man who had threatened them.
It's understandable that police would be enraged by Dorner. He openly declared war on all law enforcement officers and embarked on a killing spree specifically aimed at his former colleagues. But how does that justify the actions of the officers who shot into a truck driven by two newspaper carriers, Maggie Carranza and Emma Hernandez? Carranza is a 47-year-old Latina who was driving a blue Toyota with Hernandez, her 71-year-old mother; officers somehow mistook those two women for a burly African American man driving a gray Nissan. And, in their zeal or under the impression that any force would be tolerated in these circumstances, officers fired away, hitting Hernandez twice in the back. Both women lived, testament to the poor aim, not the good judgment, of the officers.
To be clear: Their actions would be worrisome even if Dorner had been behind the wheel of that truck. Force, including lethal force, is a necessary part of police work, but it may be used only to protect officers or others from harm. It is to be wielded to ensure safety, not to exact vengeance. While it is especially offensive to have that force used against innocent people, it's even improper to use it in this fashion against the guilty.
FULL COVERAGE: The manhunt for Christopher Dorner
The Los Angeles Police Department has committed itself to reviewing Dorner's dismissal and the allegations he made in his loopy online manifesto . That's fine, though the results of that inquiry seem fairly obvious: It would shock any fair-minded observer of today's LAPD to discover that academy recruits were, as Dorner claimed, breaking into verses of songs of the Hitler Youth. Still, self-reflection is valuable and should offer a reminder that while racism is no longer openly practiced at the LAPD, eliminating even its vestiges should remain a priority for an institution once afflicted by it.
The more important inquiry, however, ought to be the department's analysis of the shocking and wrongful assault on the truck carrying Carranza and Hernandez. Overzealousness may be understandable in the terrifying circumstances that confronted Southern California over the last week, but police work depends on restraint and care, both of which were lacking.
From the White House
Improving the Security of the Nation's Critical Infrastructure
The Nation increasingly relies on the Internet to run the systems that light our houses, provide gas for our cars, and ensure our water is safe to drink. Collectively, these diverse systems represent our cyber critical infrastructure. Linking our critical infrastructure to the Internet brings considerable benefits, but our daily reliance on this critical infrastructure means that we are vulnerable to disruptions in our ability to use it. Unfortunately, the threats against our cyber critical infrastructure are numerous, ranging from sophisticated nation states to common criminals.
The government's senior-most civilian, military, and intelligence professionals all agree that inadequate cybersecurity within this critical infrastructure poses a grave threat to the security of the United States. Most recently, we have seen an increased interest in targeting public and private critical infrastructure systems by actors who seek to threaten our national and economic security. Along with dissuading their actions, we must better protect the critical systems that support our way of life.
Because of the importance of our cyber critical infrastructure, and the seriousness of the threats, the President issued an Executive Order yesterday directing federal departments and agencies to use their existing authorities to provide better cybersecurity for the Nation. These efforts will by necessity involve increased collaboration with the private sector and a whole-of-government approach.
In developing the order, the Administration sought input from stakeholders of all viewpoints in industry, the public sector, the legislative branch, and the advocacy community. Their input has been vital in crafting an order that incorporates the best ideas and lessons learned from industry experience, legislative efforts, and successful federal efforts. Over the course of the past six months, we hosted over 30 organizations, representing all 18 critical infrastructure sectors, and heard from over 200 companies directly. We also met with trade associations representing an additional 6,000 companies, over $7 trillion in annual economic activity, and over 15 million employees to discuss their concerns and ideas for solutions. As a result of our outreach, numerous stakeholders responded positively to the Executive Order.
The Executive Order: Improving security for our cyber critical infrastructure presents a set of complex issues. The Executive Order addresses the three areas that are necessary to address the problem holistically: information sharing, a flexible risk-based Framework of core practices based on existing standards, and privacy protections. (For more details, see our Fact Sheet on the Executive Order.)
Information Sharing . It is a national priority to efficiently, effectively, and appropriately increase the volume, timeliness, and quality of cyber threat information shared with authorized individuals and companies. One of the primary efforts of the Executive Order is to better enable information sharing on cyber threats between the private sector and all levels of government. The Executive Order fosters improved public-private sharing in three important ways.
First, it expands the Department of Homeland Security's Enhanced Cybersecurity Services program to provide near real-time sharing of information on cyber threats with critical infrastructure companies and state and local governments.
Second, it directs federal agencies to provide timely notification to companies if we have information indicating that a company is the target or victim of a cyber intrusion. Finally, the Executive Order directs DHS to expedite the processing of clearances for appropriate state and local government and private sector personnel to enable the federal government to efficiently share cyber threat information at the sensitive and classified level.
Cybersecurity Framework : The Executive Order directs the National Institute of Standards and Technology (NIST) to lead the development of a framework to reduce cyber risks to critical infrastructure. NIST will work with industry to identify existing voluntary consensus standards and industry best practices to incorporate into the framework.
The Administration recognizes that there are private-sector cyber leaders in our critical infrastructure sectors who are already implementing strong cybersecurity controls, policies, and procedures. Rather than burdening such organizations with more to do, the Executive Order puts these innovators at the core of informing and driving the development of voluntary best practices for the framework. In this way, we can distil common cybersecurity practices from the experts that know them best and leverage them to improve the security of the Nation's critical infrastructure.
The framework does not dictate “one-size fits all” technological solutions. Instead, it promotes a collaborative approach to encourage innovation and recognize the differing needs among critical infrastructure sectors. Organizations who want to upgrade their cybersecurity will have the flexibility to decide how best to do so using a wide range of innovative products and services available in the marketplace.
Privacy and Civil Liberties Protections : The Executive Order reflects the Administration's deep commitment to ensuring that processes for sharing cyber threat and incident information between the federal government, state, and local government, and private companies incorporates rigorous protections for individual privacy and civil liberties. Accordingly, the Executive Order directs departments and agencies to incorporate privacy and civil liberties protections into cybersecurity activities based upon widely-accepted Fair Information Practice Principles, and other applicable privacy and civil liberties frameworks and polices. The Executive Order also requires regular privacy assessments and public reporting of any privacy and civil liberties impacts.
More Action is Needed: This Executive Order represents an important step in improving cybersecurity protections for our critical infrastructure, and reflects recommendations from many different groups, including the bi-partisan Commission on Cybersecurity for the 44th Presidency and the Recommendations of the House Republican Cybersecurity Task Force. However, more is needed. Executive action alone cannot create the new tools and authorities needed to meet the Nation's collective cybersecurity challenges. The Administration continues to urge Congress to pass legislation to more fully address our Nation's cybersecurity needs.
For decades, industry and all levels of government have worked together to protect the physical security of critical assets that reside in private hands - from airports and seaports to national broadcast systems and nuclear power plants. Similarly, we must now work in partnership to protect the cyber critical infrastructure systems upon which so much of our economic well-being, national security, and daily lives depend.
As we have made clear, industry has a significant role to play as well. As a first step, I would urge Chief Executive Officers (CEOs) to ask their team these five questions and ensure that they are satisfied with the answers. Additionally, I ask that industry, academia, the advocacy community, and all who are interested, participate in the NIST process to develop the Cybersecurity Framework. Visit NIST's website to view NIST's request for information (RFI) and find out how to participate.
As the President's Cybersecurity Coordinator, I look forward to engaging all stakeholders in this important national mission.
Michael Daniel is Special Assistant to the President and Cybersecurity Coordinator.