Reno kicks off cybercrime awareness campaign

Although security experts applaud a new government-industry partnership to promote
cybercitizenship and fight cybercrime, several said the program’s effectiveness
hinges on whether it can help strengthen the nation’s critical information
infrastructure.


The Justice Department and the Information Technology Association of America formed the
Cybercitizen Partnership to prevent cybercrime, Attorney General Janet Reno announced this
month at an ITAA meeting in Washington.


“We are coming together because we recognize that while technology offers our
society great benefits, it also creates great challenges that can only be addressed if we
work together,” she said.


“Awareness and education are very important, but you’ve got to be learning
the right things,” said Peter Neumann, principal scientist at SRI International, a
research company in Menlo Park, Calif.


The personnel exchange and Web directory proposed by Justice and ITAA could help law
enforcement officials increase their technical competence, he said. And Reno pointed out
that besides product enhancement tactics, systems administrators and IT product makers can
learn what law enforcers need from them during investigations and evidence collection.


But the government must keep in mind that the root of the problem is the insecure
infrastructure, not the people who will take advantage of it, Neumann said.


“The idea that we’re going to throw kids in jail for breaking into systems
that are not secure in the first place is throwing out the baby with the bath water,”
he said.


The 11,000 members of ITAA are systems companies ranging from start-ups to industry
giants.


The association has worked with President Clinton’s Commission on Critical
Infrastructure Protection, which in a 1997 report recommended industry-government
cooperation.


Computer Sciences Corp. was the first to pony up to the alliance’s public-sector
fund with a $20,000 contribution. While lauded by the partnership, the amount is still a
fraction of the $200,000 ITAA president Harris Miller said the public-awareness campaign
will cost.


No federal dollars have been committed, but Miller said he hopes to get government
funding as the program gets under way.


“I think the ideas are absolutely outstanding,” said Mark Fabro, worldwide
director of assessment services for Secure Computing Corp. of San Jose, Calif.


A lack of computer security knowledge has been a serious stumbling block to advancing
security, and ITAA is a proven leader, he said.


But involved parties must keep an eye on the long-term importance of the program, Fabro
said.


The initiatives will require funding and cooperation among countless security industry
players who do not necessarily adopt projects without profit potential, he said. And some
of the greatest technology minds in the country could be overlooked because they do not
work for large outfits, he said.


Above any sales interests, partnership participants should seize the opportunity to
shape overall information access and strike against information warfare, Fabro said.


In a joint FBI and Computer Security Institute survey of 521 government agencies and
companies released early this month, 30 percent reported systems intrusions by outsiders,
and 55 percent reported internal breaches.


The survey also indicated that law enforcement is increasingly called upon to combat
cybercrime: 32 percent of respondents said they had reported systems intrusions to law
enforcement last year, up from 17 percent in 1997.


The Cybercitizen Partnership initiatives are important first steps to reducing
cybercrime rates, said Alan Paller, director of research at the SANS Institute of
Bethesda, Md.


But knowing what to do will work only in conjunction with the time to do it, he said.


The partnership intends to launch further initiatives, Reno said. “We are united
in one common effort: to view modern technology so that humankind masters it rather than
it masters humankind,” she said.   


inside gcn

  • data architecture (Quardia/Shutterstock.com)

    AI adoption: Don't ignore the fundamentals

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above