RSA USA Representative Michael McCaul (R-TX), head of the US House Committee on Homeland Security, seemed a tad off-message today at the RSA USA security conference.
He told an audience in San Francisco this morning that his committee had examined proposals to demand mandatory backdoors in encryption products and software to help crimefighters snoop on people – and rejected the idea outright. It was not in American interests to weaken security we all depend on, he said.
“I believe creating backdoors into our platforms would be a huge mistake,” the Republican warned. “It would put our personal data at risk and provide the perfect platform for intrusion.”
These views are somewhat at odds with President Donald Trump, who has said technology companies should be backdooring their products to help the Feds and police. FBI director James “adult conversation” Comey won’t be amused by McCaul's conclusions, either.
There is a problem with criminals “going dark” using encryption, McCaul accepted, so he and others are trying to put together an official commission to investigate the best way forward, using the finest minds in the security industry and government.
McCaul also clashed with official policy by saying that the US needs more skilled immigrants if it is to secure its online borders. America’s doors “must stay open,” he said, and while the H-1B system needs to be “streamlined,” we need to recruit the top talent to the US’s side.
That said, America needs to make sure it’s nurturing its own talent. The government cybersecurity scholarship scheme was bearing fruit, he said, and he was also working on raising salaries for government IT staff so that the state isn’t losing talent to private industry.
McCaul said there was “no doubt in my mind” that Russians hackers tried to influence the last election, and that his committee had been briefed on the matter. He said he was “disappointed” in the reaction of both political sides of Congress to the hacking, saying that there was a worrying lack of enthusiasm for action.
“We had the information to stop the 9/11 attacks but didn’t connect the dots, and now we’re in the same place on cyber,” he said. “We’re fighting 21st century threats with 20th century technology and a 19th century bureaucracy.”
The US must reserve the right to strike back when hacked, he said, particularly where such incursions were an attempt to disrupt the democratic process. That was a “red line” that mustn’t be crossed, he opined. ®