[ISN] Personnel Shortage Hindering Net Security

From: InfoSec News (isnat_private)
Date: Wed Mar 13 2002 - 23:42:32 PST

  • Next message: InfoSec News: "[ISN] Japan firms open to hackers: group"

    March 13, 2002 
    By  Dennis Fisher 
    ARLINGTON, Va. - A critical shortage of experienced security personnel
    - and not a lack of technological advancement - is hindering the
    effort to secure the nation's public and private networks, government
    officials and security experts said Tuesday.
    Speaking to a room full of security officers, CIOs and CTOs at the
    Defending Against Information Warfare Conference here, a succession of
    high-profile experts said that technology alone is not enough to solve
    the endemic security problems in the Internet and corporate networks.
    "I'd like to emphasize the importance of people and processes and not
    just technology in this equation," said Robert Gerber, chief of the
    analysis and warning section of the National Infrastructure Protection
    Council. "The threat has never been greater and the pace at which new
    technology comes into the networks makes it difficult to keep pace."
    Gerber spoke on a panel that also included Michael Jacobs, information
    assurance director of the National Security Agency; Jacques Gansler,
    professor at the Center for Public Policy and Private Enterprise at
    the University of Maryland; and Jeffrey Hunker, dean of the Heinz
    School of Public Policy at Carnegie Mellon University.
    Jacobs echoed Gerber's sentiments, saying that the technological
    advancements of the past decade have led to a kind of gold-rush
    mentality among IT managers and CIOs, who often believe that more
    hardware and software is the answer to every problem.
    "IT spending often runs counter to good security, which lives best in
    a stable environment," said Jacobs, a veteran of nearly 40 years at
    the NSA, based in Ft. Meade, Md. "The technology isn't the issue. We
    have converged on a desired end-state, but are conflicted with a lot
    of impediments to getting to that end-state."
    The panel discussion followed a presentation by Howard Schmidt, vice
    chairman of the President's National Infrastructure Protection Board,
    who stressed the need for more college- and graduate-level education
    in information security.
    "There are still just not enough people with expertise in these
    areas," said Schmidt.
    [Recommended link: http://www.intelligencecareers.com   - WK]
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Thu Mar 14 2002 - 02:31:28 PST