Interesting People mailing list archives
IP: RE: Cyber Attack Within the Next 2 Months?
From: David Farber <dfarber () earthlink net>
Date: Mon, 01 Jul 2002 08:17:33 -0400
-----Original Message----- From: "Ian Koxvold" <ian-koxvold () credo-group com> Date: Mon, 1 Jul 2002 11:29:19 To: <farber () cis upenn edu> Subject: RE: Cyber Attack Within the Next 2 Months? Professor Farber, This seems rather weak. Of course IT security specialists are calling for "accelerated cooperation between the public and private sector" - they'll get paid for it. The IT industry has ridden the Y2K boom, the internet boom (and bust), and are now looking to ride a cyber-security boom. The Business Software Alliance has, for whatever reason, called for the Department of Homeland Security to abjure integrating NIST's Computer Security Division into their IT security planning, in favour of a Defence Advanced Research Projects Agency model. In a letter to Chairman Tom Davis on Department of Homeland Security, Robert Holleyman (President and CEO of the Business Software Association) stated: "Concern has been expressed that incorporating NIST's CSD within DHS will result in much greater responsiveness to security concerns without regard to technological feasibility or cost... At a minimum we think the legislation should explicitly state that the DHS is not authorized to develop cyber security technology specific standards or to require the use of specific hardware or software or to develop cyber security technologies that may compete against those developed by industry." On the one hand the BSA is pushing a panic button with a sensationally-worded press release about the imminence of cyber-attack, while on the other hand it is lobbying against government security restrictions that might inconvenience industry. This may be less surprising when you consider that BSA members include Adobe, Apple, Autodesk, Bentley Systems, Borland, CNC Software/Mastercam, Dell, Entrust, HP, IBM, Intel, Intuit, Macromedia, Microsoft, Network Associates, Novell, Sybase, Symantec and Unigraphics Solutions (an EDS company). In short, the BSA's members include nearly every large company with a vested interest in making sure that the government pays the private sector a lot of money to manage its IT security policy. Best wishes, Ian Koxvold Credo, Charter House, 2 Farringdon Road, London, EC1M 3HP -----Original Message----- From: Dave Farber [mailto:dave () farber net] Sent: Wednesday, June 26, 2002 1:42 PM To: ip Subject: IP: Cyber Attack Within the Next 2 Months? While I think the risks are high in many places in the USG, I doubt the reality of this. How about The U.S. government is at risk for a major earthquake in DC in the next Year and ... ------ Forwarded Message From: Ballman <Ballman () usna edu> Organization: EE Dept Date: Wed, 26 Jun 2002 08:37:57 -0400 To: dave () farber net Subject: Cyber Attack Within the Next 2 Months? ==================================================== GOVERNMENT AT RISK FOR MAJOR CYBER ATTACK IN NEXT 12 MONTHS Pros Say More Resources, Secure Information Sharing Needed ==================================================== The U.S. government is at risk for a major cyber attack in the next year and agencies are not adequately prepared to defend themselves, according to a survey of information technology professionals released today by the Business Software Alliance. Forty-nine percent of IT professionals think it is likely the government will be hit by a major cyber attack in the next 12 months, with a third of those saying it is extremely likely, according to the study by Ipsos Public Affairs. Of those IT professionals most expert on security issues -- those responsible for their company's computer and Internet security -- 59 percent think a major attack against the government is likely in the next year, the survey said. "It's sobering that IT professionals predict a major cyber attack against the United States in the next 12 months," said Robert Holleyman, president and CEO of the BSA. "Even more alarming, nine out of 10 IT professionals believe that the threat of a major cyber attack is the same or worse since September 11." Holleyman said the survey "underscores the need for accelerated cooperation between the public and private sector to ensure that sound cyber security technologies are deployed for homeland security." One of the key findings of the survey was the belief of IT professionals that the government needs to devote more time and resources to cyber security -- even more than it did for Y2K. This is a theme the BSA has been pushing for months in meetings with senior White House officials. BSA member company CEOs -- during the group's Global Technology Summit in December and again a few weeks ago at a White House meeting -- have reiterated their commitment to help the administration establish a more concerted cyber security initiative. Highlights of the BSA Cyber Security Survey include: * 72 percent of IT professionals say there is a gap between the threat of a major cyber attack against the government and the government's preparedness. * IT professionals, by a margin of 10-to-1, are more likely to say the U.S. government security measures are not at all adequate than extremely adequate. * Only one in four IT professionals say the government has built adequate security measures into its e-government initiatives, while one in three say the security measures are inadequate. * 96 percent of IT professionals say the government needs to employ technologies like encryption to secure its sensitive data so hackers will not be able to access it even if they break into the government's computer systems. The survey of 395 information technology professionals was conducted by Ispos Public Affairs between June 5 and June 7 and has a margin of error of plus or minus 5 percent. The poll was conducted online and surveyed IT professionals from companies of all sizes in a variety of business sectors. For a full copy of the study results, visit www.bsa.org. --------------------------------------------------------- DISCLAIMER: The information contained in this E-mail is privileged, confidential and protected from disclosure. If you are not the intended recipient or think that you have received this e-mail in error, please notify the sender. Thank you for your co-operation. --------------------------------------------------------- For archives see: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- IP: RE: Cyber Attack Within the Next 2 Months? David Farber (Jul 01)