On Alert

 
 
By John Moore  |  Posted 2001-11-01 Email Print this article Print
 
 
 
 
 
 
 

Call Terry Benzel an unwilling prophet of potential disaster.

Name: Terry Benzel
Title: VP, Network Associates Inc.
Web Info: www.pgp.com/research/nailabs/default.asp
Claim To Fame: Information security researcher

Call Terry Benzel an unwilling prophet of potential disaster.

Benzel, a vice president with Network Associates Inc. and director of that companys NAI Labs, testified last month before Congress on the nations cyber vulnerabilities. Since then, a number of news outlets including CNN, the Associated Press and the British Broadcasting Corporation have liberally quoted her warnings. A BBC news item including her views ran under the headline, "Doomsday fears of terror cyber-attacks."

With 20 years of experience in computer security, Benzel doesnt believe in fear mongering, which she calls irresponsible. But she does believe the country needs to wake up to the cyber security threat. For starters, she believes Congress should commission a study to assess the problem. "We dont even know how vulnerable we are," she said in a recent interview.

She is especially concerned about the prospects of a coordinated attack on physical infrastructure (a water supply, for example) and its supporting information systems (a computer-controlled monitoring system). Financial, energy, transportation, and public safety systems are other examples of "critical infrastructure systems." If attacks on such systems are successful, "people will die, the nations economy will be crippled and protective services systems will be weakened," she said in testimony before the House Science Committee.

To get a better handle on the scope of the problem—and insight into protections—the nation needs to dramatically boost the research and development dollars it spends on information security, according to Benzel. She identifies three key areas for research: interdependency, converged networks, and embedded control systems.

Interdependency research would address the links among critical infrastructure systems. Benzel notes that such systems are increasingly dependent on each other for correct operation. Converged networks, meanwhile, also raise interdependency issues in the case of data/telephony networks. Control systems also call for inquiry, she argues, given the lack of security technology for embedded systems.

"Weve identified some hard problems," Benzel says, noting her work with the Partnership for Critical Infrastructure Security (PCIS), a government-industry forum on security issues.

Benzel says she would like to see greater coordination among government, industry, and academia in exploring information security problems and developing a "road map" on how to solve them. She says groups like PCIS provide a role model for collaboration but are "no where near enough" to unite the various organizations pursuing security research.

Benzel knows whereof she speaks, having worked for years with industry and government research entities. She spent a decade at security specialist Trusted Information Systems, where she direct research sponsored by the Defense Advanced Research Projects Agency (DARPA).

After Network Associates acquired Trusted Information Systems, Benzel became director of NAI Labs, a security R&D organization with 120 employees.

NAI Labs research is funded through DARPA, the military services, and the National Security Agency among others.

Benzel recalls a time when certain agencies with three-letter acronyms were about the only customers interested in information security. "Only a few spooks somewhere around Fort Meade [home of the NSA] cared about it," she says. "Now, to have a major committee in Congress ask about it is very rewarding."

She calls her opportunity to bring security concerns to the Hill as "enormously fulfilling." But she also acknowledges the episodic nature of interest in security: the heightened attention a calamity can bring to subject can dissipate over time.

Benzels current wish: that the nations focus on security will "live past the current frenzy."

 
 
 
 
John writes the Contract Watch column and his own column for the Channel Insider.

John has covered the information-technology industry for 15 years, focusing on government issues, systems integrators, resellers and channel activities. Prior to working with Channel Insider, he was an editor at Smart Partner, and a department editor at Federal Computer Week, a newspaper covering federal information technology. At Federal Computer Week, John covered federal contractors and compiled the publication's annual ranking of the market's top 25 integrators. John also was a senior editor in the Washington, D.C., bureau of Computer Systems News.

 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Thanks for your registration, follow us on our social networks to keep up-to-date
Rocket Fuel