Bush administration promotes cybersecurity abroad
- By Dipka Bhambhani
- Jul 26, 2002
To protect networks in this country, the Bush Administration must make sure U.S. allies do the same.
'No matter what the United States does to protect itself, we are only as secure as the least secure nation to which we are connected,' said Michele Markoff, the State Department's senior coordinator for international critical infrastructure protection policy.
Paul Kurtz, senior director for national security in the White House Office of Cyberspace Security, said U.S. military installations overseas would be affected by a cyberattack. His office and State have held talks with security officials from nearly a dozen countries about their defenses.
Markoff said the talks bring up whether, for example, other nations consider misuse of technology a crime and whether their law enforcement agencies have a sense of international accountability. 'We ask them to tell us what they have done,' she said.
No one shares IT details about types of databases, servers or vulnerabilities, however.
'We don't expect any country to share nor would we share our vulnerabilities,' Kurtz said. 'We have our friends and our allies, but our focus is to secure the homeland.'
So far, there is no agreement on an international security framework. 'A lot of this is getting the right nomenclature down,' Kurtz said.
The Council of Europe, a parliamentary assembly, made progress last year with a cybercrime treaty, he said, adding that India and the United States have made the most progress in bilateral talks. India is one of the most progressive countries in IT development and has an $8 billion security software industry, Kurtz said last month at a Washington conference sponsored by the Smart Card Alliance. He has been to New Delhi twice since Sept. 11.
Japan also surprised Kurtz. He called it 'incredibly networked. If you look at our wireless, Asia is ahead of us by leaps and bounds.' He also has held talks with officials in Australia, Britain, Germany and Italy.
For some countries, the discussion goes no further than raising the issue of cybersecurity to make them conscious of it, Kurtz said.From the get-go
Kurtz said he wanted to share information with the Italians about how to develop a critical infrastructure and find points of contact in the Italian government should there be a worldwide cyberattack.
'They were very much at the beginning' of establishing protections, Kurtz said. Talking with countries during the early stages is better than waiting until an infrastructure is built to find the vulnerabilities, he said.
'We're only as strong as our weakest link,' he said.
Markoff said the United States outsources 'billions of dollars of IT software to India. We are concerned that they as a key ally are thinking about security, too.'
India plans to pump $10 billion into its own cybersecurity over the next decade, Kurtz said.
State helped form the U.S.-India Cybersecurity Forum under the U.S.-India Joint Counterterrorism Working Group.