Bush security panel plan gets mixed reviews

Bush security panel plan gets mixed reviews

Some experts doubt that the president's plan to restructure government cybersecurity will improve the protection of critical networks.

'There is a lack of acceptable standards that agencies are able to implement,' said Alan Matthews, president of Rapid7 Inc. of New York, which provides vulnerability assessment tools.

The job of any high-level board should be to allocate resources and assign accountability rather than to impose blanket policies, Matthews said.

A draft executive order from President Bush reportedly would eliminate the current position of national coordinator for infrastructure protection and replace it with a 21- or 23-member board under national security adviser Condoleezza Rice.

Although top-level support for cybersecurity is essential, security cannot be imposed from above, experts said.

'People are taking potshot audits at agencies, without telling them how to do it right,' said Alan Paller, director of research at the SANS Institute in Bethesda, Md. 'You can't fix security if you don't know what to do. The way we get that is with metrics and proven practices.'

Matthews said that in a recent survey by his company, 71 percent of government respondents said they were not taking all reasonable precautions to secure systems.

'William Jackson

Featured

  • 2020 Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    21 Public Sector Innovation award winners

    These projects at the federal, state and local levels show just how transformative government IT can be.

  • Federal 100 Awards
    cheering federal workers

    Nominations for the 2021 Fed 100 are now being accepted

    The deadline for submissions is Dec. 31.

Stay Connected