Forwarded from: William Knowles <wkat_private> http://www.washingtonpost.com/wp-dyn/articles/A56254-2003May14.html By Brian Krebs washingtonpost.com Staff Writer May 14, 2003 The Department of Homeland Security soon will establish an office to execute the Bush administration's cybersecurity strategy, a move that may serve to blunt criticism that the agency has not devoted enough resources and attention to Internet security. Homeland Security officials have not yet named a supervisor to run the office, top homeland security official Robert Liscouski said in an interview today. The new office, which the department is expected to announce next week, also will coordinate government and business responses to online hacking threats and other forms of cyberattack. The department has not yet decided how many employees or how much funding it will devote to the new office, said Liscouski, who is in charge of protecting the nation's electronic and physical infrastructures. The Homeland Security Department includes several other online security divisions, including the National Infrastructure Protection Center and the Critical Infrastructure Assurance Office. The new office, however, will take on several new projects, including the development of a cyberattack disaster recovery plan. Former White House cybersecurity adviser Richard Clarke questioned whether the department's pick to execute the national strategy will rank high enough in the homeland security chain of command to steer the development of cybersecurity policy. "No matter how good you are, many people are going to treat you based on your rank and how often you can see and talk to the president and other important people," Clarke said in an interview. Clarke, who left the administration in January, has criticized the administration for failing to appoint a high-level official to focus exclusively on Internet security. His deputy, Howard Schmidt, resigned last month after an unsuccessful bid to get Homeland Security Secretary Tom Ridge to create a high-ranking cybersecurity czar position. Since then, many critics in the business and private sector have expressed doubt that the administration would take any more high-profile action on cybersecurity, but Liscouski said that the cybersecurity office would show that the Homeland Security Department is serious about protecting the Internet from online hackers and terrorists. "This (new office) will help put feet to the national strategy," he said. Greg Garcia, vice president for information security at the Information Technology Association of America said he worries that whoever is picked will lack sufficient power to get cybersecurity treated as a priority issue. "What's most important is that there be an individual (within the department) who wakes up every morning thinking about how to secure the U.S. information infrastructure, a central figure to whom we in industry can look for coordination and partnership," he said. "If that is what is being envisioned, we would support that, provided this person has the authority, budget and staff to really make an impact." He added that it will take, "a lot of people putting their heads together to figure out what kinds of programs we can put in place to make the strategy more than just a document produced with great fanfare and tossed aside," Garcia said. *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ================================================================ C4I.org - Computer Security, & Intelligence - http://www.c4i.org *==============================================================* - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Thu May 15 2003 - 03:14:03 PDT