[ISN] A two-pronged approach to cybersecurity

From: InfoSec News (isn@private)
Date: Tue Dec 02 2003 - 00:48:50 PST

  • Next message: InfoSec News: "[ISN] Fighting the worms of mass destruction"

    Forwarded from: William Knowles <wk@private>
    
    http://news.com.com/2008-7355-5112350.html
    
    By Robert Lemos
    December 1, 2003
    Staff Writer, CNET News.com
    
    In September, Amit Yoran became the United States' top cybersecurity
    defender.
    
    Against a backdrop of new challenges from increasingly sophisticated
    hackers, Yoran is responsible for preparing the government's response
    to any major cyberattacks.
    
    This is the second tour of government duty for Yoran, who once headed
    vulnerability assessment at the Department of Defense's Computer
    Emergency Response Team (CERT) and managed the Pentagon's network
    security. In the interregnum, he started and then sold a services
    company to security software maker Symantec.
    
    As director of the National Cyber Security Division of the Information
    Analysis and Infrastructure Protection Directorate at the Department
    of Homeland Security, Yoran has a big title. Still, he can't make
    things happen by federal fiat, and the success or failure of the
    government's National Strategy to Secure Cyberspace hinges on private
    sector buy-in.
    
    That's why he's in Silicon Valley this week, where he plans to talk
    with companies about how the United States can better handle future
    cybersecurity attacks. He spoke with CNET News.com before heading out.
    
    Q: Is cyberterrorism a big worry to you?
    
    A: Terrorism occurs throughout the cyberdomain. (Terrorists) use the
    cyberinfrastructure to inflict their operation, or their operation
    targets the cyberdomain. Those two may qualify as cyberterrorism, but
    I don't think it warrants its own definition. I think it is something
    we need to be cognizant of. I don't think the countermeasures one
    would put in place for cyberterrorism differ that much from the
    measures to protect against other threats.
    
    
    Many people are waiting for the National Strategy to Secure Cyberspace
    to bear some fruit. What will your role be in getting that done?
    
    The president has identified the Department of Homeland Security--and
    Secretary (Tom) Ridge has identified the cybersecurity division--as
    the focal point for the coordination and implementation of the
    National Strategy. Its underlying theme is for a very strong
    public-private partnership to go forward and execute in a number of
    different areas to deliver better security to the country on many
    different fronts.
    
    The government has already initiated action on the National Strategy.  
    Other components of the national strategy clearly call for action on
    the private sector's part or for a coordinated partnership effort
    between the public and private sectors.
    
    
    To what degree have companies stepped up to the plate and delivered
    the level of security for which the National Strategy calls?
    
    I don't believe that that security level has yet been achieved--nor do
    I think that it is realistic for us to expect that that level would
    have been achieved. However, I will say that I have been very
    encouraged during my first 30 days here. I have also been very
    encouraged by the willingness of the private sector to engage and
    assist and participate in the work that needs to be accomplished. So,
    have we achieved the desired level of security? The answer is no. But
    are we making progress down that road? My belief is that we are.
    
    
    What do you think you can do to stop or prevent attacks such as Code
    Red, Nimda, Slammer, Sobig and MSBlast?
    
    There are some things we need to do that are strategic and long-term
    in nature, such as the advocacy and creation of better software
    development processes and better software engineering. In addition, a
    number of very short-term and tactical initiatives can start us down
    that road. Those include a better-facilitated response infrastructure,
    making sure that when a new virus, worm or other vulnerability is
    discovered, we have some coordination for that effort.
    
    We have some national-level focus on that effort. We have the
    appropriate players--the owners of the critical infrastructure, the
    software developers, the people who operate these systems--at the
    table. We know how to communicate with them. We have a secure
    communications infrastructure to provide them timely guidance, advice,
    assistance and information for action.
    
    So, when you look at the issues we face, you have a two-pronged
    approach: You have these long-term strategic initiatives we think will
    ultimately solve the problems. But several tactical step-one, step-two
    things can make near-term tangible operational improvements in
    cyberspace.
    
    
    What do you hope to accomplish during your tenure at the Homeland
    Security Department?
    
    To have the United States and the cyberinfrastructure be in a more
    secure state. And I know that's a very open-ended response, but if we
    are looking to measure results over a longer term, that might be the
    appropriate yardstick.
    
    Short-term goals include improving our response time, improving our
    coordination with various critical infrastructures, improving
    cybersecurity awareness and improving our national response system.  
    Ultimately, I'd like to see significant improvement in the United
    States' homeland security and cybersecurity.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Tue Dec 02 2003 - 02:47:40 PST