The U.S. government is not taking cybersecurity seriously enough and should spend more money and energy on the topic, a group of computer security firms said Tuesday.
Published: December 7, 2004, 9:39 AM PST By Declan McCullagh,Staff Writer, CNET News.com At an event in Washington, D.C., members of the Cyber Security Industry Alliance warned of the potential dangers of Internet attacks and called on the next Bush administration to create a new assistant secretary position inside the Department of Homeland Security and to ratify a computer crime treaty. "It seems to me that this should have a much higher profile within the administration," said Art Coviello, CEO of RSA Security. "In addition to infrastructure protection, (we need) an assistant secretary for cybersecurity." Lending additional weight to this call to arms was the presence of Amit Yoran, who was director of the National Cyber Security Division inside the Department of Homeland Security before resigning in October. Promoting the department's cybersecurity official to the rank of assistant secretary is not a new idea. A bipartisan bill introduced in September proposed that reorganization. Yoran had at least two levels of middle management between his office and outgoing department head Tom Ridge. A report released Monday by the House of Representatives' Homeland Security committee also calls for the creation of an assistant secretary position. The report cautions that the Department of Homeland Security has not "fully implemented" a cybersecurity strategy and that key information about progress "has not been fully shared" with Congress. That echoes a series of dismal reports from government auditors, who have charged the department with withholding important information from the private sector and failing to link its own incompatible computer systems together. Among the security companies' other recommendations on Tuesday: The Senate should ratify the Council of Europe's cybercrime treaty, which has been criticized by civil liberties groups; an emergency coordination network should be created to handle Internet outages; the government should increase R&D funding for cybersecurity; and a federal agency should be designated to track the costs of cyberattacks. RSA and the other members of the Cyber Security Industry Alliance stand to benefit from their call for more attention to cybersecurity, which could result in larger government contracts and a higher profile for their industry. The group's members include Check Point Software Technologies, McAfee, Symantec, Entrust, PGP and Computer Associates.
The only easy day was yesterday.
...some do, some don't; some will, some won't (WR)