[ISN] Cyber-Security to Get Higher-Profile Leader

From: InfoSec News (isn@private)
Date: Wed Oct 13 2004 - 01:52:59 PDT


Forwarded from: William Knowles <wk@private>

http://www.washingtonpost.com/wp-dyn/articles/A28019-2004Oct12.html

By Jonathan Krim
Washington Post Staff Writer
October 13, 2004

Homeland Security Secretary Tom Ridge said yesterday that the role of
overseeing computer security and the Internet should have a higher
profile at the agency, in the face of increasing concern from
technology executives and experts that cyber-security is getting
inadequate attention.

Ridge told an industry council that advises the White House that the
agency was creating a new position of assistant secretary to be
responsible for both cyber- and telecommunications security, according
to two executives who heard the remarks.

But hours later, Homeland Security spokesman Brian Roehrkasse said
that despite Ridge's comments, final details on the title and
responsibilities of the elevated position had not been decided. An
administration source who spoke on the condition of anonymity later
said Ridge misspoke; the job will instead be deputy assistant
secretary.

Cyber-security has been a flashpoint ever since the Department of
Homeland Security was created in the wake of the Sept. 11, 2001,
terrorist attacks. Before then, a cyber-security office was an
integral part of the White House. The decision to move it was regarded
by many in the technology security industry as a downgrade of the
issue's importance by the Bush administration.

Although no full-scale cyber-attacks have occurred, terrorists make
extensive use of the Internet for everything from passing messages to
transferring money. And because so many networks interconnect,
cyber-security experts warn that a weak link in one place could be
exploited and threaten major avenues of commerce.

Moreover, attacks by apolitical but malicious hackers against
governments, businesses and consumers have continued unabated, costing
companies and individuals tens of millions of dollars a year.

The controversy over how best to handle cyber-security reached a
boiling point on Oct. 1, when Amit Yoran, head of Homeland Security's
National Cyber Security Division, quit in frustration over his
inability to get the department to be more aggressive on the issue.

Yoran had reported to Robert P. Liscouski, assistant secretary for
infrastructure protection, and was not responsible for
telecommunication networks, which are the backbone of the Internet.  
Liscouski has staunchly resisted calls for giving cyber-security
separate attention, arguing that it should be integrated with all
other security considerations.

If the department were to create an assistant secretary position for
cyber-security, Liscouski would be responsible only for other physical
infrastructure.

Before Homeland Security issued its statement, Ridge's remarks met
with wide acclaim. Yoran called the change "a fantastic move" and
evidence that the department is able to change its operations to meet
the mounting cyber-threat.

Paul Kurtz, head of the Cyber Security Industry Alliance, said it was
"a solid development."

Rep. Zoe Lofgren (D-Calif.), who along with Rep. William M. "Mac"  
Thornberry (R-Tex.) sponsored House legislation to elevate the
cyber-security job, said it would be "good news for a more secure
America."


 
*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
----------------------------------------------------------------
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*



_________________________________________
Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/



This archive was generated by hypermail 2.1.3 : Wed Oct 13 2004 - 03:19:05 PDT