Interesting People mailing list archives
I White House Releases Cybersecurity Plan
From: Dave Farber <dave () farber net>
Date: Fri, 14 Feb 2003 14:04:54 -0500
------ Forwarded Message From: "Denning, Dorothy USA" <dedennin () nps navy mil> Date: Fri, 14 Feb 2003 10:07:02 -0800 Subject: White House Releases Cybersecurity Plan The National Strategy to Secure Cyberspace is at http://www.whitehouse.gov/pcipb/cyberspace_strategy.pdf . The Washington Post, Feb. 14, 2003 To view the entire article, go to http://www.washingtonpost.com/wp-dyn/articles/A7970-2003Feb14.html By Brian Krebs The Bush administration today quietly released a scaled-back cybersecurity strategy outlining steps government, industry and citizens should take to protect computer systems from online attacks. The strategy, which President Bush signed on Jan. 31, has been in development since shortly after the Sept. 11, 2001, terrorist attacks. The majority of the document directs the government to lead by example by tightening the security of federal information systems. One section of the plan encourages government contingency planning for cybersecurity attacks, including a disaster recovery plan in the event that a major node on the Internet is disabled. Among other cybersecurity defenses, it calls for a network operating center to monitor the health of the Internet and detect attacks and virus outbreaks before they cause much damage. The plan also calls on home and small business computer users to install firewall and anti-virus software. It also calls for the creation of a public-private dialogue to devise ways that the government can reduce the burden of security on home users and businesses. Older versions of the plan suggested halting the use of wireless networks in federal and civilian agencies until their security was improved. The final version says only that federal agencies should follow wireless security guidelines outlined by the National Institute of Standards and Technology. Other ideas in the plan include the possible development of a "cyberspace academy," White House partnerships with the organizations that manage the Internet's architecture and information analysis centers at higher-learning institutions. "We have a strategy and that's good. The key now is execution," said Daniel Burton, vice president of government relations at Entrust Inc., an Internet security services firm based in Dallas. Burton said that the plan is strong on government cybersecurity protections, but "silent" on what the private sector can do. "The private sector controls 85 percent of critical infrastructure. Unless the private sector voluntarily steps up and really strengthens its info security governance, we're going to see government mandates," he said. The White House released the document on the Office of Homeland Security's Web site this morning, the same time world attention was focused on the United Nations debate on Iraq's disarmament. The quiet release stands in stark contrast to original plans to release the cybersecurity strategy at a Silicon Valley event. The administration had picked Sept. 19, 2002, as the plan's original release date, inviting numerous high-tech luminaries to attend a ceremony at Stanford University in Palo Alto, Calif. Two days before that date, however, the White House postponed the release, saying the plan needed more input from the business community. The White House decided against a high-profile ceremony because of its ongoing focus on possible war with Iraq. "There is potential that if things heat up with Iraq that we may just want to get this out and not do big hurrah," an administration official said earlier this week. The strategy's release comes at a time when the government's cybersecurity bureaucracy is in a state of major change. Two weeks ago, White House cybersecurity czar Richard Clarke resigned from his post. The position is now filled by Clarke's deputy, former Microsoft Corp. Chief Security Officer Howard Schmidt. The White House also has been unable to fill top leadership posts at the Homeland Security Department's division charged with protecting the Internet and other communications systems from attacks. The administration's first choice to run the Information Analysis and Infrastructure Protection Division was former Defense Intelligence Agency Director James Clapper. Clapper, a retired Air Force lieutenant and the head of the National Imagery and Mapping Center, unexpectedly pulled his name from consideration. John Tritak, former director of the Critical Infrastructure Assurance Office, is a likely pick as deputy undersecretary for infrastructure protection at the Homeland Security Department, though he recently left government service. Another noted name in online security, Ron Dick, director of the FBI's cyber threat and warning bureau, also recently resigned from government service. Today's release of the strategy comes three days after the FBI's National Infrastructure Protection Center warned of a possible increase in "global hacking activities" because of U.S.-Iraqi tension. The administration also is considering ways to mount coordinated cyberattacks against enemy computer networks, The Washington Post reported last week. ------ End of Forwarded Message ------------------------------------- You are subscribed as interesting-people () lists elistx com To unsubscribe or update your address, click http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- I White House Releases Cybersecurity Plan Dave Farber (Feb 14)