Patrolling the Cyber-Borders

Fed policy looks to promote international data security.

The White House is expected to unveil its long-awaited National Strategy to Secure Cyber Space this week, outlining security recommendations for Americans who use computers, from the home user to the enterprise user to those in the federal government. And because U.S. networks are directly linked to networks overseas, the Bush administration plans to engage other nations in the strategy.

The Presidents Critical Infrastructure Protection Board, which authored the strategy, is expected to recommend that the United States work closely with Canada and Mexico to create a North American safe cyber-zone, according to a draft of the report obtained last month by eWeek. Closer ties in the region could better ensure that vulnerabilities are identified quickly and could improve law enforcement collaboration.

The draft includes a recommendation that other countries designate single points of contact for cyber-security coordination. In the United States, Richard Clarke, special adviser to the president for cyberspace security and the CIPB chairman, holds the unofficial title of cyber-security czar, but in other countries, the responsibility is typically dispersed among several offices.

In France, for example, several national ministries collaborate in overseeing cyber-security initiatives, according to Michel Combot, telecommunications attache at the Embassy of France, in Washington. Similar models are in place elsewhere in Europe.

"It varies, and it is under evolution as well," Jeannette Nielsen, science and technology attache at the Royal Danish Embassy, in Washington, said about the role of a cyber-czar in European Union member states. Although a single contact in each country for all cyberspace initiatives would likely be ineffective, it "would probably be useful in terms of handling IT security," Nielsen said.

In the United States, legislation can be used if voluntary recommendations dont improve cyber-security, but promoting policy changes internationally requires other means. Already, the United States and Europe diverge in their approaches to some cyberspace initiatives, including privacy protection.

However, according to the draft document, the CIPBs global recommendations will largely reflect EU strategies already in place, including promoting the Council of Europes Convention on Cybercrime.