[ISN] War, Recession Highlight Need for Net Security

From: InfoSec News (isnat_private)
Date: Tue Sep 25 2001 - 01:02:54 PDT

  • Next message: InfoSec News: "[ISN] Setting the record straight: Zimmermann on PGP use in times of terrorism."

    Carolyn Duffy Marsan, Network World
    Monday, September 24, 2001
    As the nation gets hit by the double-whammy of a war and a recession,
    the need to improve Internet security is more critical than ever,
    according to government and industry leaders speaking at a panel held
    Friday on Capitol Hill.
    Senator Bob Bennett (R-Utah), a champion of high-tech causes, says the
    September 11 terrorist attacks plunged the United States into both a
    war and a recession. He says Internet security is required to protect
    precious information resources, such as the Federal Reserve Bank's
    Fedwire fund transfer system, from cyberterrorism. He says Internet
    security also is important in terms of improving productivity across
    the U.S. economy.
    "It is still vitally important that we pay attention to how well we
    are doing in Internet security," Bennett says. "Someone who wishes to
    could do us great damage."
    Terrorism on the Net
    Bennett says the U.S. has a leadership role to play in Internet
    security, much as it has a leadership role to play in protecting the
    world against terrorism. The U.S. war on terrorism will be fought over
    the Internet, economically, and diplomatically as much as it will be
    fought militarily, he predicts.
    "How vital it is that all systems of the economy work well, and that
    the Internet systems work well," he adds.
    Bill Conner, president and CEO of Internet security software vendor
    Entrust Technologies, concurs about the importance of protecting the
    Internet as a critical communications infrastructure.
    "There was a 911 call last week that I think went out to the Internet
    and to Internet security," Conner says, referring to the terrorist
    attacks in New York and Washington, D.C.
    Conner says today's widely deployed technologies for Internet
    security--firewalls, virus scanning and secure socket layer
    transactions--aren't sufficient. Instead, he says Internet security
    must be enhanced to protect the content of communications as well as
    ensuring the identity of the people involved in the transaction.
    Safe Communication
    Specifically, Conner said an enhanced Internet security system would
    * Identification of the parties at either end of the communication.
    * Entitlements to control the access users get to information.
    * Verification of transactions.
    * Privacy to ensure that sensitive information is protected.
    * Security management to administer security across applications and
    "These are the requirements in a post-911 era," Conner says. "Anything
    less than that can be compromised."
    Conner recommends the federal government do a better job of
    coordinating how it rolls out enhanced security services across its
    many agencies. And he urges Congress to increase the resources devoted
    to Internet security, pointing out that the Office of Management and
    Budget has only two and a half people dedicated to monitoring Internet
    security across the government.
    Regarding encryption, Conner urges Congress not to control the
    availability of encryption software or to build back doors into it.
    "If we try to legislate or regulate encryption, it will become a
    bullet used against us," Conner warns.
    Government Eyes Privacy, Security Daniel Chenok, branch chief for
    information policy and technology at the Office of Management and
    Budget, says security and privacy underpin all of the federal
    government's e-government initiatives. These initiatives are focused
    on reforming how the government does business with consumers,
    businesses, and other government agencies by taking advantage of the
    efficiencies of Internet communications.
    Regarding Internet security, Chenok says. "Clearly there has to be a
    partnership between government and the private sector."
    While Chenok offered no specifics, he says the federal government's
    Internet security strategy may change in light of the September 11
    attacks. "Clearly, at very senior levels all of these issues are being
    reviewed and a number of decisions and actions on that will be taken,"
    Chenok says.
    The Internet Security panel was sponsored by the Business Software
    Alliance, a public policy group that represents 18 software vendors
    including Entrust, IBM, Microsoft and Novell.
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Tue Sep 25 2001 - 04:06:57 PDT