Are All CISPA Supporters What They Appear to Be?

Editor’s note: This post by  provides context on cyber conflict, an area of interest at the nexus of national security and technology. – bg

It appears that the controversial H.R. 3523, Cyber Intelligence Sharing and Protection Act (CISPA), will go up for a vote in the House this coming week. Various privacy and civil liberties advocacy organizations have expressed concern over the legislation, which they say does not include sufficient protections for individuals’ personal information and opens the door to government “cyber-spying” on American citizens.

In contrast, supporters of the legislation argue that it is necessary to combat a growing list of cyber threats against government and industry. Among those supporters are a number of corporations and industry trade associations. Most notable among these are well-known technology companies like Facebook, AT&T, Microsoft, and IBM, defense contractors like Lockheed Martin and Boeing, and industry associations like the CTIA, National Cable & Telecommunications Association, and the U.S. Chamber of Commerce.

As someone who researches and writes about the cybersecurity debate in the United States, I was particularly interested in one organization, the Cyber, Space & Intelligence Association (CSIA). I had not heard of the organization before, so my interest was immediately piqued and I began to do some research. Though the organization appears to be an industry association, the available evidence indicates that it is more likely an association of one.

The man behind CSIA is Richard Coleman. In addition to identifying himself as “chairman” of the organization, Coleman is also a fellow at the Potomac Institute for Policy Studies and a senior associate with the Washington, DC consulting and “governmental relations firm,” Potomac Advocates.

But it would appear that Coleman is the only man behind the supposed industry association. There are a number of indicators that this is the case. First, the organization does not have a web presence, which is not the case for the other organizations supporting CISPA. Second, in his letter of support for CISPA, Coleman provided a contact email address that is a personal Gmail account instead of an email address associated with the organization. Third, the physical address provided for CSIA in the letter of support is a single family home that is personally owned by Coleman and located in a residential neighborhood of McLean, Virginia. Fourth, none of the cybersecurity experts that I asked had ever heard of the CSIA.

One of those industry insiders was Aaron Barr, former CEO of HBGary Federal. A search of Coleman’s Gmail address reveals that he and Barr had been in contact in fall 2010 and that Barr attended an event organized by Coleman. Nonetheless, Barr said that he has never heard of CSIA.

But that email interaction with Barr does provide some clue as to CSIA’s origins. In his emails to Barr, Coleman identified himself as “chairman” of “Cyber Fajitas & Margaritas,” which Coleman describes on his Potomac Advocates profile as “a successful Government only Cyber leader dinner group.” One of those dinner’s in September 2010 included a speech by Vice Admiral (Ret) Mike McConnell, Executive Vice President of Booz Allen Hamilton, former Director of National Intelligence, former Director of the National SecurityAgency, and leading cybersecurity proponent.

Some time between September 2010 and September 2011, however, Coleman was promoted from chairman of a dinner group to chairman of his own industry association. But how does a one-man association based out of a private home in McLean, VA find its way onto a list of supporters that includes organizations like Facebook and Microsoft? One answer might be found in Coleman’s campaign contributions, which includes donations to both co-authors of CISPA, Mike Rogers (R-MI) and Dutch Rupersberger (D-MD), as well as Lamar Smith (R-TX), the driving force behind SOPA.

The House Permanent Select Committee on Intelligence has provided a list of letters of support from various organizations. Providing such a list does two things. First, it allows for a level of transparency. The public is better able to know which powerful organizations in society are supporting this legislation. The inclusion of CSIA on this list sparks a number of basic questions: When was CSIA founded? Who does it represent? What are its mission and goals? What other cybersecurity policy initiatives does it support? Is it even a real organization? All of this remains unclear. Coleman has not responded to a request for information that I sent to the Gmail address that he listed in his letter of support.

Second, Congressional cosponsors of the bill use the list as evidence of CISPA’s necessity and efficacy. If well respected organizations such as these support the legislation, then it must be a good idea. Or so the logic goes. But in this case, there is reason to believe that at least one of these organizations, CSIA, is not what it appears to be. The support of one man is not the same as support from an entire industry. At least in this one example, the implication is that there is actually less support for CISPA than its list of supporters would seem to imply. In turn, this raises a number of other questions: Did the House committee vet the letters of support before posting them to their website? Do they really know the organizations that are supporting the legislation? Are there other associations-of-one among the list of CISPA supporters?

In short, the public deserves to know which organizations are supporting this legislation, especially if it turns out that some of them are not what they appear to be.

Do you know more about the Cyber, Space & Intelligence Association? If so, please feel free to leave a comment.

[This piece is cross-posted from Forbes.com.]

Sign up for your free CTOvision Pro trial today for unique insights, exclusive content and special reporting.

CTOvision Pro Special Technology Assessments

We produce special technology reviews continuously updated for CTOvision Pro members. Categories we cover include:

  • Analytical Tools - With a special focus on technologies that can make dramatic positive improvements for enterprise analysts.
  • Big Data - We cover the technologies that help organizations deal with massive quantities of data.
  • Cloud Computing - We curate information on the technologies enabling enterprise use of the cloud.
  • Communications - Advances in communications are revolutionizing how data gets moved.
  • GreenIT - A great and virtuous reason to modernize!
  • Infrastructure  - Modernizing Infrastructure can have dramatic benefits on functionality while reducing operating costs.
  • Mobile - This revolution is empowering the workforce in ways few of us ever dreamed of.
  • Security  -  There are real needs for enhancements to security systems.
  • Visualization  - Connecting computers with humans.
  • Hot Technologies - Firms we believe warrant special attention.

 

Recent Research

What The Enterprise IT Professional Needs To Know About Git and GitHub

3D Printing… At Home?

Tech Firms Seeking To Serve Federal Missions: Here is how to follow the money

Creating The New Cyber Warrior: Eight South Carolina Universities Compete

Mobile Gamers: Fun-Seeking but Fickle

Update from DIA CTO, CIO and Chief Engineer on ICITE and Enterprise Apps

Pew Report: Increasing Technology Use among Seniors

Finding The Elusive Data Scientist In The Federal Space

DoD Public And Private Cloud Mandates: And insights from a deployed communications professional on why it matters

Intel CEO Brian Krzanich and Cloudera CSO Mike Olson on Intel and Cloudera’s Technology Collaboration

Watch For More Product Feature Enhancements for Actifio Following $100M Funding Round

Navy Information Dominance Corps: IT still searching for the right governance model

solid
About SeanLawson

I am a professor in the Department of Communication at the University of Utah. I write about the relationships among science, technology, and security with an emphasis on new media, information, and communication technologies. Topics of interest include cybersecurity policy, surveillance, network-centric warfare, and military use of social media. My doctorate is from the Department of Science and Technology Studies at Rensselaer Polytechnic Institute. I am the author of Nonlinear Science and Warfare: Chaos, Complexity, and the U.S. Military in the Information Age. Web | Twitter