Cyber Security: White House Cyber Plan Emphasizes Industry Input

by Stephen M. Lawton and Bara Vaida

PALO ALTO, Calif. -- Borrowing on imagery from the Sept. 11, 2001, terrorist attacks, the "Nimda" and "Code Red" computer viruses and veiled threats yet to come, the White House on Wednesday unveiled its national cyber-security plan at a press conference here.

What was originally expected to be a blueprint of how the administration plans to fight cyber threats, the document is a "rough draft" that will be the subject of public comment for the next 60 days, said Richard Clarke, the president's cyber-security adviser.

"The government cannot dictate, cannot mandate, cannot alone secure cyberspace," Clarke said. He characterized the theme of the document as moving away from "who, what, when, how and shifting to a vulnerability paradigm."

The comprehensive strategy, which took the administration 10 months to pull together, provides security recommendations to home users, businesses, industries and government agencies to close the numerous security holes on the Internet.

Clarke and White House Critical Infrastructure Protection Board Vice Chairman Howard Schmidt emphasized numerous times that the plan contains no government regulations because the vast majority of the Internet is privately owned.

Clarke emphasized that public commentary and the development of the final plan will be open "for all of the country to see."

Schmidt said the process that began with the release of the plan will take years to fully implement. He compared the ultimate success of the program with the use of car seat belts today, which he said began as an inconvenience to drivers but has become an automatic part of driving.

At the event, members of all sectors of the nation's critical infrastructure spoke. For example, Harris Miller of the Information Technology Association of America represented the information and communications sector, and Matt DeZee spoke on behalf of the National Association of State Chief Information Officers.

To help oversee the final drafting of the strategy, the White House announced a new National Infrastructure Advisory Committee that includes 24 members of industry, academia and government. In addition, FBI director Robert Mueller announced a new partnership with the U.S. Secret Service to focus on cyber crimes.

"Just as entrepreneurs realized the potential of the Internet, so did criminals," said Brian Stafford, director of the Secret Service.

Federal Trade Commissioner Orson Swindle announced this fall the government will launch a consumer education campaign to make consumers more aware of their individual responsibilities for protecting the Internet.

"We want to create a culture of security," he said.