Condoleezza Rice Seeks Big Cyber-Security Push

[InfoSec News <isn () C4I ORG>]

http://www.reuters.com/news_article.jhtml;$sessionid$QAQLN4AAAOZ1ICRBADLCFEYKEEANOIV2?type=internet&Repository=INTERNET_REP&RepositoryStoryID=%2Fnews%2FIDS%2FInternet%2FNET-TECH-USA-DC_TXT.XML

Last updated: 22 Mar 2001 19:32 GMT+00:00
(Reuters)

By Jim Wolf

WASHINGTON (Reuters) - President George W. Bush's top national
security aide called on Thursday for an "unprecedented" partnership
with the private sector to curb the any threat of computer-generated
attacks on vital U.S. infrastructure.

Heavy reliance on computers has become the "soft underbelly" of U.S.
life and a juicy target for foes, National Security Advisor
Condoleezza Rice said in her first major policy address.

"Our gaming exercises have told us for some time that a few
well-organized hackers could disrupt everything from our power lines
to our 911 (emergency telephone) systems," she told an Internet
security forum organized by CIO and Darwin magazines.

U.S. businesses -- which own and operate more than 90 percent of
electric power plants, telecommunications networks and other key
systems -- must be prepared "for scenarios where we have to restore
and reconstitute critical operations quickly if they are disrupted,"
Rice said.

"We are talking about a collaborative partnership between the public
and private sectors that is unprecedented in our history," she said.
"It is a unique problem and it's going to require unique solutions."

Rice hailed high-tech business leaders already working hand-in-hand
with the authorities to devise a national plan, due out late this
summer, to recover quickly from any cyber-blitzes.

The so-called Partnership for Critical Infrastructure Security is
seeking action in Congress on issues involving anti-trust, liability,
encryption, Freedom of Information Act, cost recovery and economic
espionage and trade secrets as part of this effort, board president
Ken Watson of Cisco Systems told the forum.

In the past, many companies have shied away from sharing data with the
government for fear of helping rivals, disclosing trade secrets or
highlighting embarrassing vulnerabilities. Now, an FBI-led task force
is prodding businesses for information on more than 5,000 of their
"key assets" nationwide and helping to mesh recovery plans.

Rice said the Bush administration was carrying out a thorough review
of critical infrastructure protection, but already knew it favored
building partnerships with industry, not regulation.

"We need to think seriously about how privacy rights and
cyber-security measures overlap and intersect, not just how they
conflict," she said.

Richard Clarke, who coordinates infrastructure protection and
counter-terrorism on the White House National Security Council staff,
said cyberattack by another country was "a real possibility."

"Without security, there is no privacy," he told the session, adding
that holes in U.S. government networks had turned the government into
"a model of how not to do computer security."

The forum wrapped up a three-day meeting of the industry consortium
working on the issue, organized by the Commerce Department's Critical
Infrastructure Assurance Office and the U.S. Chamber of Commerce.

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".