[ISN] FBI's NIPC eyes major restructuring

From: InfoSec News (isnat_private)
Date: Mon Jan 21 2002 - 00:25:10 PST

  • Next message: InfoSec News: "[ISN] How the hacker's luck ran out"

    January 16, 2002
    The FBI's National Infrastructure Protection Center (NIPC) is
    preparing for what could be a radical overhaul of its structure and
    how it works with other federal agencies and the private sector.
    NIPC Director Ron Dick said in an interview last week that he has been
    in discussions with both the Centers for Disease Control and
    Prevention (CDC) and the National Communications System (NCS) in an
    effort to decide which agency's organizational model is better suited
    to the NIPC. He said he expects to make a decision in the next few
    "We're going to adopt one of the two because those models have been
    out there for a long time," said Dick. However, he said, "We're still
    trying to figure out the best method to do that and keep the private
    sector on a level playing field."
    The NIPC, based at FBI headquarters, was formed in 1998 to handle
    threat assessment, investigations and responses to any attacks on
    critical U.S. infrastructures.
    The Atlanta-based CDC fulfills a mission similar to that of the NIPC,
    in that it conducts surveillance, detection and analysis of health
    threats throughout the nation, issuing warnings when necessary. The
    CDC is a major operating component of the U.S. Department of Health
    and Human Services. It has 11 subcomponents. Each subcomponent has a
    different specialty, but all of them have the mission of entering into
    information-sharing partnerships with federal, state and local
    government agencies.
    Founded in 1962 in the aftermath of communications failures during the
    Cuban missile crisis, the NCS is made up of 22 federal agencies and
    advises the president on key telecommunications issues and policies.  
    Each agency provides a representative to sit on a Committee of
    According to Dick, by adopting the model of either the CDC or the NCS,
    the NIPC would take a major step toward overcoming one of its key
    challenges: tapping into the expertise in various aspects of critical
    infrastructure protection that resides in many places throughout the
    government and the private sector.
    In the past, the NIPC has studied ways of acquiring direct assistance
    from private-sector experts, including a provision that would allow
    the U.S. Attorney General to accept what is known as a "gift of
    services" from a private company. However, the Clinton administration
    ruled out that option, claiming it would create a conflict of interest
    and other legal obstacles, said Dick.
    "You can't task them to do anything because they're not federal
    employees," he said.
    Alan Paller, director of the SANS Institute in Bethesda, Md., said the
    NIPC has been looking at the CDC model for three years and in many
    ways is already moving in that direction.
    "CDC's prevention work, such as [administering] flu shots, is
    especially important, and I see a push by NIPC in that direction as
    well," said Paller, referring to NIPC's mission to facilitate the
    distribution of vaccines to fight computer viruses.
    "The mature model at CDC could offer some wonderful guidelines for
    long-term planning at NIPC," said Paller.
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Mon Jan 21 2002 - 03:49:45 PST