[ISN] Analysis: InfraGard Conference Cancelled

From: InfoSec News (alerts@private)
Date: Mon Mar 19 2007 - 22:06:51 PST


http://www.postchronicle.com/news/security/article_21270020.shtml

By Shaun Waterman
Mar 19, 2007

The annual members' conference of InfraGard, the decade-old alliance 
between the FBI and the private sector to protect the nation's critical 
infrastructure, has been canceled.

Organizers say the event was too financially risky and administratively 
burdensome. Some observers say that the cancellation will hurt 
InfraGard's profile at a time when critical decisions are being made 
about how the private sector will be represented in the federal 
government's new Information Sharing Environment.

"When you put on an event like that, it is very expensive," Robert 
Schmidt, president of the InfraGard National Members Alliance told 
United Press International. "People will advance you a great deal of 
credit, and if it doesn't go well, you can end up putting the 
organization in considerable debt."

The alliance, a privately held LLC that has organized the annual 
conferences in Washington since they began in 2005, broke even or made a 
small profit on the two they did organize, but had taken "a cold-eyed 
look at the risk-reward ratio," said Schmidt.

"All it would take would be some bad weather," he said, adding that the 
alliance believed it could use the big business sponsorships that 
subsidized the conference to support "other kinds of events that don't 
entail so much risk."

Schmidt and the FBI said the work of the InfraGard program, through its 
86 local chapters around the country, each of which is affiliated with 
an FBI field office, would continue unaffected.

"The FBI is 100 percent committed to InfraGard, and we will continue to 
work with the alliance," said FBI Spokeswoman Cathy Milhoan. She said 
the group had told the FBI that the event -- which the bureau has played 
no role in staging -- was administratively burdensome on the national 
alliance, which was run on a voluntary basis by InfraGard members.

"They told us it was just too much for an all-volunteer organization," 
said Milhoan.

The cancellation was communicated to members via e-mail message last 
month but not publicly announced.

"The lack of broad base support for the conference created conditions 
that were producing unacceptable enterprise risk to the (alliance)," 
reads the Feb. 12 e-mail, "Regrettably, the Board has no choice but to 
cancel the 2007 Conference."

Some observers said the cancellation would damage the organization's 
profile at a very inopportune juncture.

"I can't imagine that this bodes well for the organization's viability," 
John Rollins, of the Congressional Research Service, told UPI.

He said it risked robbing the program of "a national voice ... a single 
point of contact to talk to the federal government."

Rollins, who researches information-sharing and infrastructure 
protection issues for the U.S. Congress, worked at the FBI's National 
Infrastructure Protection Center when InfraGard was first set up in 
1996.

According to the InfraGard Web site, it was established to "harness 
private sector expertise for (FBI) investigative efforts in the cyber 
and physical security arenas."

Members undergo a background check, and then join a local chapter and 
get a log on to a special secure Web site.

"FBI agents assigned to each chapter bring meaningful news and 
information to the table: threat alerts and warnings, vulnerabilities, 
investigative updates, overall threat assessments, case studies, and 
more," says the bureau's own Web site. "Our private sector partners," it 
adds, "share expertise, strategies, and most importantly, leads and 
information that help us track down criminals and terrorists."

But since the terrorist attacks of Sept. 11, 2001, brought 
infrastructure-protection issues to the front burner, and since the 
formation of the Department of Homeland Security in 2003, there has been 
a proliferation of forums and organizations designed to facilitate 
similar kinds of communication between federal agencies and the private 
sector.

In terms of communication about critical infrastructure protection 
"there's been a shift to a company- and sector-based strategy" by the 
federal government, said Andrew Howells, former vice-president of 
homeland security for the U.S. Chamber of Commerce.

"They never ... figured out their relationship to" the federal 
government's Information Sharing and Analysis Centers, or ISACs, he 
said. The ISACs are sector-based councils established under the 2002 
Homeland Security Act to receive and share information about possible 
threats to critical infrastructure.

He said it was a challenge for an organization based on individual 
membership, like InfraGard, to demonstrate its continuing relevance.

Schmidt, the president of the InfraGard alliance, said that the ability 
of the program to promote information-sharing and the building of 
relationships across sectors was one of its values.

And he said that InfraGard was a "very heterogeneous" organization. 
"What does an InfraGard chapter do?" he asked. "Pick one and I'll tell 
you." Different chapters were very different animals he said, depending 
on a variety of factors, including what the local FBI field office 
wanted or expected and what "the local business culture" was. (c) UPI


_________________________________________
Visit the InfoSec News Security Bookstore
http://www.shopinfosecnews.org



This archive was generated by hypermail 2.1.3 : Mon Mar 19 2007 - 22:25:14 PST