It’s Friday, so allow me to be a bit aloof as I meander around conceptually for a few minutes.

We hear constant talk of security in the IT space, from desktops to networks to servers to enterprise applications to how the top-grade SaaS/on-demand companies can possibly harden client datastores to keep the important bits contained and private.  Some of the most provocative writing out there is on this very topic (to us, at least).

But step back for a second – actually, step way back – and ask yourself, “Who protects the Internet from attacks?  Who protects the Internet as a whole here in the US from outside attacks?”  In other words, aside from advancing protocols and standards and architecture, who really owns this whole security thing for the United States?

In an interview with TechCrunch, US STRATCOM commander and head of all military cyber-warfare General Kevin Chilton gives a great overview of security operations as they relate to the Internet (including the military’s inherent obligation to defend the .mil networks) and the overall magnitude of the security problem.  However, when asked, “Who protects us on the internet?”, Chilton recalls a reply he got via email from cyberlaw expert Jonathan Zittrain:

“Basically no one. At most, a number of loose confederations of computer scientists and engineers who seek to devise better protocols and practices — unincorporated groups like the Internet Engineering Task Force and the North American Network Operators Group. But the fact remains that no one really owns security online, which leads to gated communities with firewalls — a highly unreliable and wasteful way to try to assure security.”

It’s almost as if we’re counting on the complexity, evolving topography of the Internet and efforts of a few non-federated compsci groups to serve as the primary obstacle to grand-scale cyberattack on the Internet at large.

Something to ponder loosely in the larger security question.

Have a great weekend, everyone.