Feds shape cyberwarning strategy

[William Knowles <wk () C4I ORG>]

http://www.fcw.com/fcw/articles/2000/0814/news-tritak-08-14-00.asp

BY Diane Frank
08/14/2000

Under pressure from Congress to better coordinate the governments
response to computer viruses and other cyberattacks, the National
Security Council has developed a plan outlining roles and
responsibilities for federal cybersecurity organizations.

Under the plan sent out to those organizations and federal agencies
late last month the National Infrastructure Protection Center, working
with the General Services Administrations Federal Computer Incident
Response Capability office, will take the lead in alerting agencies to
cyberattacks and will coordinate any immediate response.

The memo identifies the organizations and agencies to be involved in
various kinds of attacks and defines the criteria for NIPC to call a
meeting of the full cybersecurity community.

NSC working with Richard Clarke, the national coordinator for
security, infrastructure protection and counter- terrorism will step
in whenever a security response requires a broad policy decision,
according to the plan.

"This institutionalizes how we will share information both at an
operations level and a policy level when cyber-incidents occur," said
Mark Montgomery, director of transnational threats at NSC.

Many observers have called for coordination among organizations such
as NIPC, the Critical Infrastructure Assurance Office (CIAO) and NSC
itself.

NIPC, based at the FBI, was established in 1998 to serve as the
governments central organization to assess cyberthreats, issue
warnings and coordinate responses. The CIAO was set up to help
agencies develop and coordinate security policies and plans.

"The proliferation of organizations with overlapping oversight and
assistance responsibilities is a source of potential confusion among
agency personnel and may be an inefficient use of scarce technical
resources," said Jack Brock, director of governmentwide and defense
information systems at the General Accounting Office, speaking before
Congress in February.

The calls for coordination became louder after the "I Love You" virus
in May affected almost every federal e-mail server and taxed many
agencies resources. The lack of formal coordination and communication
led to many more agencies being affected by the incident than
necessary, according to GAO.

Although the many warning and response organizations work together,
the NSC memo lays out a standard process for coordination, said John
Tritak, director of the CIAO.

In the past, that type of coordination happened an ad hoc basis, an
administration official said. Now, as laid out in the memo, the
process is set so that it can last through the November election and
into the next administration, he said.

"Some of the formal mechanisms that existed were frankly ineffective
in the tasks they were meant to do," another administration official
said. "For circumstances that are extraordinary, we now have a process
where the NIPC will coordinate the operational response, and the
National Security Council will head the policy response."


*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".