Bush security panel plan gets mixed reviews

Bush security panel plan gets mixed reviews

Some experts doubt that the president's plan to restructure government cybersecurity will improve the protection of critical networks.

'There is a lack of acceptable standards that agencies are able to implement,' said Alan Matthews, president of Rapid7 Inc. of New York, which provides vulnerability assessment tools.

The job of any high-level board should be to allocate resources and assign accountability rather than to impose blanket policies, Matthews said.

A draft executive order from President Bush reportedly would eliminate the current position of national coordinator for infrastructure protection and replace it with a 21- or 23-member board under national security adviser Condoleezza Rice.

Although top-level support for cybersecurity is essential, security cannot be imposed from above, experts said.

'People are taking potshot audits at agencies, without telling them how to do it right,' said Alan Paller, director of research at the SANS Institute in Bethesda, Md. 'You can't fix security if you don't know what to do. The way we get that is with metrics and proven practices.'

Matthews said that in a recent survey by his company, 71 percent of government respondents said they were not taking all reasonable precautions to secure systems.

'William Jackson

Featured

  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/Shutterstock.com)

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected