Forwarded from: William Knowles <wkat_private> http://www.govexec.com/dailyfed/0402/041702h1.htm By Shane Harris sharrisat_private April 17, 2002 ORLANDO, Fla. - Speaking before a conference of hundreds of federal technology personnel and industry officials Wednesday morning, Richard Clarke, President Bush's point man on national cybersecurity, outlined the next phase in the controversial plan to build an impenetrable information network for the federal government, known as Govnet. Clarke said a team from the General Services Administration had completed a review of more than 167 responses from technology companies on how the network could be built, and that the reviewers had concluded that creating a stand-alone network, one not connected to the vulnerable systems of any other networks, is technologically feasible. Clarke added that some Defense Department and intelligence agencies, as well as some organizations in the Energy Department, already operate these kinds of solo networks today. The government can't afford to put off major upgrades to information security, Clarke said, noting that terrorists have continued to call upon their followers to attack the nation's critical infrastructure of power grids and information systems, many of which are connected to the Internet. Every government agency has failed a test of its information security conducted by the National Security Agency, Clarke said. He criticized technology experts in government and the private sector for living in a "fantasy land" where they underestimate the power of online attacks and the vulnerability of agencies and corporations to such attacks. Clarke qualified the Bush administration's commitment to Govnet, saying it is merely a "concept," not an actual program or project. "Govnet is a question - that may lead to programs," Clarke said. Lawmakers have not set aside any money in the president's budget for next year to fund the network, even though Bush has called for a 64 percent increase in information security spending across the board. Leading technology firms have criticized the Govnet plan as immature, unclear and underfunded. Clarke said the White House would seek permission from Congress to begin assessing how much it would cost to build the hacker-proof network and what the design of that system would be. He mentioned five possible paths the next phase of Govnet could take: 1. Use ideas received from industry in response to the initial Govnet proposal to improve security on existing networks. 2. Switch agencies over to other existing stand-alone networks. 3. Allow agencies to build their own stand-alone networks. 4. Create a back-up network to ensure continuity of critical government operations in the event of a terrorist attack. 5. Create a multi-agency stand-alone network. Those options have been informally floated by technology firms over the past several months and offer little in the way of new thinking on how Govnet would be built. Clarke offered no insight into which approach the White House might favor, nor did he specifically endorse one approach over another. Clarke admonished the information technology industry, including such giant firms as Microsoft, for not manufacturing sufficiently secure products. He noted, however, that commitment to security has been revitalized by the Sept. 11 terrorist attacks. Clarke said that in a recent videotaped message, al Qaeda terrorist network chief Osama bin Laden praised the September attacks and called on his followers to attack the information infrastructure of the United States. "I hope the bastard is dead," Clarke said. His comments were greeted with applause from the audience. *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ================================================================ C4I.org - Computer Security, & Intelligence - http://www.c4i.org *==============================================================* - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Fri Apr 19 2002 - 06:09:39 PDT