Y2K center closes; calls for IT security site go unheeded

Y2K center closes; calls for IT security site go unheeded

OMB's Sally Katzen says closing the Information Coordination Center was the administration's plan all along.

By Julie Britt and Christopher J. Dorobek

GCN Staff

The Office of Management and Budget this month is dismantling the Year 2000 Information Coordination Center despite the urging of security officials that the center be made a systems security facility.

Sally Katzen, counselor to the OMB director, said the administration originally conceived of the ICC for the year 2000 effort alone. The plan from the beginning was to close it after the leap year rollover, said Katzen, who is also the administration's nominee as deputy OMB director of management.

'So by closing the center, we are doing what we said we would be doing,' she said.

The ICC was a central point for gathering, analyzing and summarizing information on systems operations during the year 2000 date change [GCN, Nov. 22, 1999, Page 8]. The center has been widely praised by both the public and private sector as a place of cooperation between government and industry.

The ICC's loss is the Federal Emergency Management Agency's gain. OMB designated much of the center's equipment for FEMA at the outset, Katzen said. FEMA also contributed a substantial amount of equipment to augment the center with the understanding that it would return to the agency after the year 2000 effort, she said.

President Clinton's fiscal 2001 budget proposal reflects that plan, so if FEMA didn't get the equipment, the agency would suffer a funding shortfall, she said.

FEMA will receive about $4 million worth of equipment from the defunct center.

The equipment will be used throughout the agency, FEMA spokesman Marc Wolfson said. 'We're not re-creating another command center.'

FEMA will replace or upgrade existing equipment in its offices around the country, he said. It will also be used for FEMA activities when the agency establishes a field office at a disaster site.

Government and private-sector security officials have criticized the closing of the ICC. Many officials lobbied Congress and the administration, arguing that the center was a logical choice as a place to launch reconstitution efforts in the event of a significant attack on the country's critical infrastructure.

Three major contractors'AT&T Corp., Cisco Systems Inc. of San Jose, Calif., and KPMG Peat Marwick of New York'said they would pay for the center's operations for a year if the government would pick up the costs of hosting the center. The three companies helped the administration build the $50 million center.

'We clearly proved it a success both in terms of preparation and in the ability to be flexible in the face of potentially deteriorating conditions,' said Gordon Bendick, AT&T's district manager in Washington for government markets.

Katzen agreed that the ICC was key to averting a year 2000 disaster, but she said it wouldn't necessarily be as successful for other computer efforts.

'From our perspective, the ICC was a fabulous success for the Y2K effort, but that doesn't mean it is a panacea for any other computer-related issue that comes along,' she said.

Because the 2000 rollover was a specific event with a set time frame, the government needed a global communications center, she said.

'But when you're talking about cybersecurity, you're talking about a different phenomenon, a much more challenging phenomenon,' Katzen said. 'I applaud those who are working on these issues because they are indeed awesome issues.'

Katzen said the three ICC contractors did express their interest in creating an information sharing and analysis center, saying it would make sense to have a center with enormous connectivity, such as the ICC.

But she disagreed that the ICC location would be suitable for such a government-industry venture.

'The real success of the ICC was less in the plant and equipment than the partnerships formed' and working together to solve problems, she said. That's not dependent on real estate, swivel chairs and modular desks, Katzen said.

'I asked [the contractors] to specify functions they're looking for and what it is they will be able to contribute to a co-located effort, and I'm waiting to hear back from them,' she said.

John A. Koskinen, former chairman of the President's Council on the Year 2000 Conversion, said he was not asked about the future of the ICC, but he agreed with Katzen's assessment of what made it a success.

The significance of the ICC operation was the working partnership and relationships that were created more than an issue of who sat where, Koskinen said.

'There were ongoing budgetary issues and ongoing relationship issues in the agencies that OMB and the White House had to consider,' he said.


What FEMA's getting from the ICC
'300 desktop and notebook PCs

'12 videoconferencing systems

'16 flat-screen monitors

' A communications switch


Though critics agreed that the relationships made the ICC effective, they said they fear those relationships will be lost without the center as a forum.

Throughout the year 2000 rollover, officials worried that there would be a distributed denial-of-service attack, said Jeffrey A. Hunker, senior director for critical infrastructure at the White House's National Security Council.

The ICC was effective as a central point for coordination, he said last month during the Government Information Technology Executive Council's Information Processing Interagency Conference in Orlando, Fla.

'I would hope the experience of that will be continued,' Hunker said.

Security experts said they had hoped the ICC would be used as a springboard for the development of a reconstitution program.

The use of the ICC for such a program had also received support from lawmakers. Sen. Robert Bennett (R-Utah), chairman of the Senate's special year 2000 panel, has pushed to maintain the center [GCN, Feb. 7, Page 8].

The offer from the three companies followed a rash of distributed denial-of-service attacks in February. At a meeting with IT industry leaders, President Clinton asked that the private sector work with the government to protect the nation's critical infrastructures.

Stomp, stomp

After that session, 'three 900-pound gorillas' said they would run the center for a year as a matter of corporate responsibility, said an industry official who asked not to be identified.

'Then you don't even get the courtesy of an answer ' then time goes by and time goes by, and they say, 'Oh. It's too late. We tore it apart,' ' the company official said.

One senior administration official called the decision shortsighted.

Bendick, however, said OMB is making hard economic decisions. 'They're making the hard calls that they're paid to do,' he said.

Katzen acknowledged that Clinton had challenged government and industry to work together to secure the critical infrastructure. 'We recognize and have acknowledged the importance of the issue and the necessity that we work together, and we want to go in that direction,' she said.

inside gcn

  • IoT security

    A 'seal of approval' for IoT security?

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above