[ISN] Bush plan rejects cybersecurity czar

From: William Knowles (wkat_private)
Date: Thu Jun 14 2001 - 00:16:22 PDT

  • Next message: William Knowles: "[ISN] Defense Against the Dark Arts"

    http://www.fcw.com/fcw/articles/2001/0611/web-pdd-06-13-01.asp
    
    BY Diane Frank 
    June 13, 2001
    
    The Bush administration is wrapping up details on a new governmentwide
    structure to lead national cybersecurity efforts, again rejecting the
    idea of having a security czar.
    
    White House officials have been working for months on ways to
    reorganize the governments initiatives for protecting the information
    systems that support the nations critical infrastructure. The critical
    infrastructure protection (CIP) effort started under President Clinton
    in 1998, when he signed Presidential Decision Directive 63.
    
    Many have suggested establishing a cybersecurity czar with a role
    similar to John Koskinens position leading the federal governments
    Year 2000 efforts. But Clinton, concerned that agencies would pass
    responsibility to a czar, in PDD 63 created a national coordinator at
    the National Security Council to oversee agency CIP efforts.
    
    The new Bush plan, expected later this month, will continue in that
    vein by creating a board with members from the various critical
    infrastructure protection sectors to coordinate policy and provide
    support for individual agency initiatives.
    
    "We cant have a single government agency or single government entity
    handling this problem," said Paul Kurtz, director of transnational
    threats at the National Security Council and the NSCs leader for
    cyberprotection issues. "The idea is a dispersed solution that allows
    coordination across agencies."
    
    The boards chairman will report directly to the national security
    adviser, currently Condoleezza Rice. The board will have several
    function-specific subcommittees to cover in-depth the issues under
    CIP. This will include national security, research and development,
    training, and physical security as it ties in with cybersecurity,
    Kurtz said.
    
    "Were going to be at the top trying to set the trend lines, trying to
    set the pace," he said.
    
    But the board will not dictate specific rules for agencies to follow,
    because that would likely lead to the same pass-the-buck mentality as
    a czar.
    
    "We cant fight for each particular agencys needs," Kurtz said "We can
    help, but we need to have each agency take responsibility for their
    security."
    
    The board will oversee some specific initiatives, including the Cyber
    Warning and Information Network under development to tie in cyber
    incident alert information from across government and even the private
    sector. This effort will link to the initiative at the General
    Services Administrations Federal Computer Incident Response Center to
    create a central warnings and analysis center for civilian security
    incidents.
    
    This networks structure is in development, with plans to put it in
    place this fall. For now, the idea is to create a "ringdown" network,
    so that if any agencys incident response team sends out an alert on
    the network, it is automatically sent to all other members of the
    network, Kurtz said.
    
    
     
    *==============================================================*
    "Communications without intelligence is noise;  Intelligence
    without communications is irrelevant." Gen Alfred. M. Gray, USMC
    ================================================================
    C4I.org - Computer Security, & Intelligence - http://www.c4i.org
    *==============================================================*
    
    
    ISN is hosted by SecurityFocus.com
    ---
    To unsubscribe email isn-unsubscribeat_private
    



    This archive was generated by hypermail 2b30 : Thu Jun 14 2001 - 23:59:41 PDT