Information Security News mailing list archives
Feds' security role may yield business benefits
From: William Knowles <wk () C4I ORG>
Date: Tue, 17 Oct 2000 02:15:23 -0500
http://www.infoworld.com/articles/hn/xml/00/10/16/001016hnnist.xml Monday, Oct. 16, 2000 11:17 am PT By Jennifer Jones BALTIMORE -- GARNERING low marks on IT security efforts and realizing that many of the nation's most sensitive networks are now situated in the private sector, the federal government more than ever is drumming up security-related partnerships with Corporate America. Here at the National Information Systems Security Conference running through Oct. 19, high-level officials pounded on government IT product buyers to push harder on vendors for increased security features in commercial products. National Security Agency Director Lieutenant General Michael Hayden likened the evolving IT security relationship between government and industry to the interaction between the nation's airline industry and the U.S. Air Force. Where the Air Force has led the way and come to symbolize the pinnacle of the nation's aviation industry, so must the federal government become the "security expression" of private industry, he said. Hayden was one of three keynote speakers at the conference, which is sponsored by the Department of Commerce's National Institute of Standards and Technology (NIST). Hayden said specifically that he sees an increased role in government efforts to evaluate commercial products on their security features. NSA will also work more closely with industry on product development, because the NSA's mission is to help find products with stringent enough security measures to meet the needs of the Defense Department. NSA works with NIST, which has a similar commitment to civilian agencies. The director of NIST's IT Laboratory, William Mehuron, said commercially available products continue to come up short on security measures government users need. "Much of the software now available has not had security as a priority and we are now going through a tremendous catch-up game," he said. But Mehuron held government officials partially to blame for that shortfall. "Too many times in the past, there have been concerted efforts among vendors to come up with products that have strong security, only to have those vendors dismayed by users who were then not willing to pay increased prices for those products or put up with the systems degradation issues that come along with them," he said. David Farber, CTO of the Federal Communications Commission, then urged government and private industry alike to plan more security measures into systems now before even more changes due to wash over the networking industry. "It is going to be very, very difficult to design security into systems after the fact. This is an opportune time to architect security into systems," said Farber, who is also a professor at the University of Pennsylvania. Recent studies such as a report released Monday by the ITAA Information Technology Association of America (ITAA) are in part driving government systems administrators' need to step up security measures. Arlington, Va.-based ITAA found that about 51 percent of Americans are more worried about government security efforts in the wake of high-profile lapses such as those at the Los Alamos National Laboratory. *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ================================================================ C4I.org - Computer Security, & Intelligence - http://www.c4i.org *==============================================================* ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- Feds' security role may yield business benefits William Knowles (Oct 17)