Feds: Tech Industry Must Act to Thwart Security Threats

By Matthew Hicks  |  Posted 2003-12-03 Print this article Print

At the National Cyber Security Summit, technology leaders are told they must start making progress in security in order for homeland security officials to forestall legislative efforts.

SANTA CLARA, Calif.—Leaders of the federal governments homeland security efforts warned technology industry leaders that if they do not lead the way in securing cyberspace, they will face the prospect of legislation setting security requirements. Responsible for 85 percent of the nations critical infrastructure, the private sector is critical to implementing a national plan for cyber-security, laid out in President Bushs year-old National Strategy to Secure Cyberspace, said Tom Ridge, secretary of the Department of Homeland Security, during the National Cyber Security Summit here on Wednesday.
"We must be as diligent and determined in finding ways to strengthen cyberspace as the terrorists are in trying to find ways to attack it," Ridge said.
But the private sectors role must involve more than promising to work together or forming task forces. It also must set metrics and deliverables to demonstrate progress in security in order for homeland security officials to forestall legislative efforts, said Robert Liscouski, the Homeland Security Departments assistant secretary for infrastructure protection. "If we cant tell that story, there are plenty of people out there willing to legislate your work," he said. "And if thats what you want, then I can assure you, thats what youll get." Technology executives, through industry groups such as the Information Technology Association of America and the Business Software Alliance, already have been lobbying the Homeland Security Department not to push a proposed rule that would require publicly traded companies to share with securities regulators their defenses against IT security attacks. The Homeland Security Department, the ITAA and the BSA are among the sponsors of the National Cyber Security Summit, the first of its kind since the launch of the national strategy. Technology executives throughout the day are expected to hammer out more details on how to get the various plans in the strategy to work. They will be convening five task forces, covering everything from raising security awareness among home users and small businesses to developing an early warning system for security threats. Ron Moritz, senior vice president of eTrust security solutions at Computer Associates International Inc., is a co-chair of the "Security Across the Software Development Life Cycle" task force. He said that the industry had begun working with the federal government on cyber-security even before Sept. 11, 2001, but that he now is noticing more urgency. While he expected Wednesdays meeting to result in plans of action, he said tangible results probably wouldnt be seen for a few more months. "The industry would love to say, We met for two days and we have all the answers," he said. "But a lot of this is going to be long term." Pushing ahead remains critical for both the government and the private sector because of the ease with which a terrorist or hacker can wreak havoc on computing systems. The issue cuts across the entire spectrum of computer users, Liscouski said. Even if big business secures all their systems, holes elsewhere still must be plugged. "[Its] as simple as seizing a few small computers in homes to launch attacks with impacts on our national infrastructure," he said. The summit, which opened on Tuesday, also is serving as the first major event for the new director of the National Cyber Security Division of the Homeland Security Department, Amit Yoran. Yoran, a former executive at security vendor Symantec Corp., took the helm in October.
Matthew Hicks As an online reporter for eWEEK.com, Matt Hicks covers the fast-changing developments in Internet technologies. His coverage includes the growing field of Web conferencing software and services. With eight years as a business and technology journalist, Matt has gained insight into the market strategies of IT vendors as well as the needs of enterprise IT managers. He joined Ziff Davis in 1999 as a staff writer for the former Strategies section of eWEEK, where he wrote in-depth features about corporate strategies for e-business and enterprise software. In 2002, he moved to the News department at the magazine as a senior writer specializing in coverage of database software and enterprise networking. Later that year Matt started a yearlong fellowship in Washington, DC, after being awarded an American Political Science Association Congressional Fellowship for Journalist. As a fellow, he spent nine months working on policy issues, including technology policy, in for a Member of the U.S. House of Representatives. He rejoined Ziff Davis in August 2003 as a reporter dedicated to online coverage for eWEEK.com. Along with Web conferencing, he follows search engines, Web browsers, speech technology and the Internet domain-naming system.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel