Former Mayor Rudy Giuliani has been named the President’s Cybersecurity Advisor. There is a lot of public opinion from infosec and hacker communities alike since Rudy’s website, Giulianisecurity.com, had security vulnerabilities (and now no longer resolves).
Giuliani introduced CompStat to the NYPD…
CompStat was started by Jack Maple when he was a Transit police officer in New York City. The system was called Charts of the Future and was simple – it tracked crime through pins stuck in maps. Charts of the Future is credited with cutting subway crime by 27 percent.
The original commanding officer of the Transit Police Crime Analysis Unit was Lieutenant Richard Vasconi. Chief of New York City Transit Police William J. Bratton was later appointed Police Commissioner by Rudolph Giuliani, and he brought Maple’s Charts of the Future with him. Not without a bit of struggle, he made the NYPD adopt it after it was re-branded as CompStat, and it was credited with bringing down crime by 60%. There was a CompStat meeting every month, and it was mandatory for police officials to attend. The year after CompStat was adopted, 1995, murders dropped to 1,181. By 2003, there were 596 murders—the lowest number since 1964.
Later on, Giuliani introduced CapStat, Citywide Accountability Program, a derivative of CompStat.
Rudy’s process is quoted in the book Traction: Getting a Grip On Your Business, which is easy to read, a best seller, and a must read for everyone!
Now here’s the thing though… Giulianisecurity.com was a static, informational website, that had nothing really on it. Just some public data and a method to reach out to contact/contract his firm. Should we the people care that much or put a lot of thought into that?
It’s reputational and a loss to our confidence that Giulianisecurity.com was sitting on a four year old, outdated Joomla platform. In my opinion, that is a horrible resume for a position as a CyberSecurity Advisor for any company, let alone to the President (I say as I check my patches on my own website). That being said though, I think there can be some positive changes in how the management of cyber-threats can be met with.