  |
 |
|
Research and retrieval of news articles by: SPECIAL NOTE TO ALL VISITORS: | ||
 |
|
CYBER-SECURITY IS UNDERPLAYED, INDUSTRY SAYSSource: SecurityFocus OnlinePosted on July 9, 2002 Among the more contentious questions to arise from U.S. President Bush's proposal last month for a Department of Homeland Security is one it did not explicitly address: How should the government deal with threats in cyberspace? Bush proposed merging various agencies, scattered around the government, that oversee different aspects of computer security. But the fact that the White House's draft bill doesn't mention "cyber-security" or its variations set off furious lobbying on Capitol Hill. Some of the nation's largest high-tech companies and industry groups say government workers protecting cyberspace should have a higher profile. "Cyber-security and electronic infrastructure are such a pervasive foundation of everything in our country that we need to raise the focus of that in the legislation," said Tim Hackman, director of public affairs for International Business Machines Corp. government programs. Figuring out how to secure cyberspace is more critical now than ever before, given the dependence of government and the economy on computer networks. Studies by government and private researchers have found numerous problems in the digital infrastructure that make it vulnerable to attack. The Information Technology Association of America and the Business Software Alliance want a Bureau of Cyber Security, headed by an assistant secretary. "The challenges in the cyber-world are sufficiently different from those in the physical world to merit a separate, focused entity," the ITAA wrote in a letter that was sent on Tuesday to key members of Congress. Rep. Sherwood L. Boehlert (R-N.Y.) wants a more comprehensive research-and-development program, headed by an undersecretary. The only R&D program now in the bill would be headed by an undersecretary for chemical, biological, radiological and nuclear countermeasures. "Cyber-security R&D has become a backwater and . . . as a result the nation does not have the tools it needs to foil a cyber-attack," Boehlert said. A spokesman for the Office of Homeland Security, Gordon Johndroe, said the government is open to ideas but it believes "the president's proposal brings together the appropriate agencies in the right form to deal with the threat of cyber-security." Nevertheless, government sources said homeland security director Tom Ridge, in response to the lobbying, is reviewing a proposal for a more robust cyber-security component in the new department. Although the White House bill makes no specific mention of the Internet and security, it would merge six government groups with responsibilities in that area. The reorganization, described by White House cyber-security adviser Richard Clarke in a recent speech, would take agencies that were "appendages in their parent organization" and put them together to create a "center of gravity" for fighting cyber-threats. Many in industry, such as Microsoft Corp.'s chief security strategist, Scott Charney, say they are generally satisfied by the proposed reorganization of the first four groups. "Right now the responsibility is spread out," Charney said. "To the extent that it's brought under one organization makes coordinating government-industry interaction a lot more efficient. That's a good thing." But there is debate over the practical and philosophical consequences of shifting parts of the Commerce Department's National Institute of Standards and Technology and the FBI's National Infrastructure Protection Center to the new department. The outreach and education sections of NIPC would go to homeland security, while the threat analysis and warning section would remain in the FBI. Implementation might be tricky. Infra Guard, the FBI's public-private network that supports the sharing of information about cyber-threats, is run by FBI field agents on the investigations and operations side even though its function is outreach and education. Would the FBI agents move to the Homeland Security Department? Or would they stay in the FBI and work with the new department? Another controversial question is what would happen to NIST's computer-security division, a largely academic group that is one of the federal government's key links to industry. It provides research and other resources and recommends standards to be adopted by industry. Some have raised concern that separating the unit from NIST would make it difficult for it to carry out its mission. They also worry that if it is part of what is essentially a defense organization, it will make decisions based more on national security concerns than on technical merit. "The analytical, academic approach that they have currently as a more or less independent research organization could in part be compromised," said Harris Miller, president of the ITAA.
E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Professional Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes. |
|
ALERT  WebTrust Is Your Best Defense Against Privacy Breaches. Get WebTrust Working For Your Site. |