Collaborative effort to secure cyberspace
- By William Jackson
- Mar 07, 2008
Officials of Capitol College in Laurel, Md., today kicked off what they described as nationwide campaign to create a working collaboration between academia, the private sector and government for securing the nation's cyber infrastructure.
The nation has plenty of good plans and resources for cybersecurity, starting with the 2003 National Strategy to Secure Cyberspace; legislation such as the Federal Information Security Management Act has been enacted; and isolated programs of excellence have been developed in individual agencies, companies and organizations. The Defense Department is requiring its IT workers to become professionally certified, the Office of Management and Budget has mandated a standard Federal Desktop Computer Configuration and a major effort is being made to reduce the government's Internet connections to a manageable number.
Yet despite these good efforts, the Government Accountability Office last October concluded that most agencies lack agencywide information security programs and had not adequately secured their information resources. The situation is no better in many industrial sectors.
'We're simply stalled as a nation when it comes to cybersecurity,' said Vic Maconachy, Capitol College's vice president for academic affairs and a former computer science official with the National Security Agency. 'We can no longer wait for someone to come along and lead the way.'
Maconachy spoke at a symposium in Washington Friday on America on the Cyber Edge, hosted by the college to initiate a national dialogue on cybersecurity. Capitol College focuses on engineering, computer science and information technology, and its president, Michael T. Wood, offered the school as a venue for bringing parties together to facilitate the sharing of information and best practices and bridge the isolated centers of excellence.
Maconachy said that in the absence of leadership, it makes sense for the nation's higher education community to step into the breach. 'In the past, when America has needed independent arbiters, academia has stood up to the challenge.'
Paul Kurtz, former presidential advisor and now executive director of SAFECode, an industry group focused on software assurance, said government has not offered leadership in this area. Only in the final years of the Bush administration have concrete steps been taken to improve the nation's cyber security posture, including an assistant secretary for cyber security in the Homeland Security Department and a recent national security presidential directive establishing a multibillion-dollar cyber initiative. Kurtz said much of this is due to the efforts of current National Intelligence Director Mike McConnell.
But any current initiatives could be threatened by the change in administrations that will occur next year, regardless of who wins this year's presidential election, Kurtz said.
'Whatever steps are started now, will there be momentum? Can we keep it up?' he asked. He called on likely Republican and Democratic candidates, Sens. John McCain (R-Ariz.), Hillary Clinton (D-N.Y.)and Barack Obama (D-Ill.), to make cybersecurity a priority in the winner's administration, and to establish in the first days of the administration a high-level point person responsible for cyber security. 'If not, we will lose a year or two.'
He said congressional reorganization also is needed to better define oversight responsibility for cyber security issues. The current environment of multiple committee jurisdictions makes it difficult for the administration to make its case for a massive program such as the president's cyber initiative and jeopardizes funding. He called for a joint cyber committee to oversee all aspects of the issue.
William Jackson is a Maryland-based freelance writer.