[ISN] Bush administration considering creation of cybersecurity fund

From: InfoSec News (isnat_private)
Date: Wed Sep 11 2002 - 01:59:19 PDT

  • Next message: InfoSec News: "[ISN] Insecure wireless networks exposed"

    Forwarded from: "eric wolbrom, CISSP" <ericat_private>
    WASHINGTON (AP) -- The Bush administration is considering creation of
    a fund that would combine tax dollars and money from the technology
    industry to pay for Internet security enhancements, according to
    internal documents from the government's effort to develop a national
    cyberprotection plan.
    Federal officials writing the plan, set to be disclosed this month,
    also are discussing sweeping new obligations on companies,
    universities, federal agencies and home users designed to enhance
    security of the Internet, according to more than 30 pages of working
    papers obtained by The Associated Press.
    The goal is to "empower all Americans to secure their portions of
    cyberspace," according to one document identified as an executive
    summary for the National Strategy to Secure Cyberspace.
    Other ideas under consideration include:
    * Improving security of wireless technologies, and prohibiting
      their use in some cases by federal workers.
    * Spending more to protect computer systems that help operate major
      utilities like water and power.
    * Studying ways to respond to cyberattacks when the source of the
      attacks cannot be distinguished immediately between a hostile 
      government or teenage hacker.
    * Creating an industry testing center that would make sure software
      updates don't cause security problems.
    * Studying the creation of a new government network to handle
      communications and computing in case of Internet outages.
    A White House official cautioned Friday the ideas cited in the working
    papers are subject to change until President Bush approves them. Even
    then, recommendations would have to go through traditional policy and
    budget processes, which could include congressional approval, the
    official said.
    The administration circulated some draft language last week for review
    among federal agencies with instructions not to distribute it outside
    government, said one person familiar with the effort, speaking on
    condition of anonymity.
    An updated proposal is expected from the White House next week, with
    the plan's final release set for Sept. 18 at a news conference at
    Stanford University attended by FBI Director Robert Mueller and top
    administration officials.
    The plan is expected to include more than 80 recommendations and is
    being assembled by a U.S. advisory board headed by Richard Clarke, a
    top counterterrorism official in the Bush and Clinton administrations,
    and Howard Schmidt, a former senior executive at Microsoft.
    The group's working papers describe creation of a technology fund "to
    address those discreet technology areas that fall outside the purview
    of both industry and government and yet are critical to the future
    secure functioning of the Internet."
    The documents reviewed by the AP do not indicate whether the money
    would come from new taxes, grants or existing revenues, but they note
    that the fund could be "jointly financed by government and industry."
    One example cited in the internal documents that could be paid by the
    fund is development of highly secure versions of computer operating
    system software. The most popular operating systems are from
    Microsoft, Apple Computer and developers of the Linux software.
    Some proposals in the working documents already have been struck from
    the final plan, the White House official said. One would urge Internet
    providers to offer customers security software that would protect them
    from hackers. Clarke has previously endorsed that proposal in public
    In an unorthodox move drawing early praise among experts, the White
    House is placing some responsibility on home users for helping to
    secure the Internet, along with the nation's largest corporations and
    universities. Hackers increasingly have seized control of powerful,
    inexpensive home computers and high-speed residential Internet
    connections to attack others online or to hide illegal activities.
    To help home users, the administration is considering a national
    advertising campaign aimed at schools and other audiences on the
    importance of safe computing, according to the documents.
    The plan's working papers also recommend encouraging Internet providers
    to adopt a code of good conduct governing cooperation; and encouraging
    government to collect better information about cyberattacks and study
    whether harsher penalties for hacking are needed.
    eric wolbrom, CISSP			Safe Harbor Technologies
    President & CIO				190 Goldens Bridge Ct.
    Voice 914.767.9090 ext. 6000		Katonah, NY 10536
    Fax   914.767.3911				http://www.shtech.net
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Wed Sep 11 2002 - 04:38:28 PDT