Cisco - TABPI
Cisco - TABPI
Cisco - TABPI
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Security: Government<br />
DHS revamp on tap<br />
IN WAKE OF CRITICISM, CYBER-SECURITY TO GET HIGHER PROFILE<br />
By Caron Carlson IN WASHINGTON<br />
After months of escalating criticism<br />
from the IT industry that the<br />
Bush administration is devoting<br />
insufficient resources and attention<br />
to cyber-security, the fledgling<br />
Department of Homeland Security is<br />
already restructuring to give network<br />
safety a higher profile.<br />
The organizational changes, due to<br />
take place over the coming months,<br />
will show that the executive branch is<br />
taking cyber-security seriously, according<br />
to Charles McQueary, undersecretary<br />
for science and technology at the<br />
new department.<br />
McQueary addressed lawmakers here<br />
last week at a hearing of the House Committee<br />
on Science. The session took on<br />
a very un-Washington, almost-surreal<br />
quality as legislators chided civil servants<br />
for not chasing after enough funding for<br />
cyber-security research and development,<br />
and civil servants answered that there<br />
is plenty of money already being spent.<br />
“We’re not lacking for funds,” Anthony<br />
Tether, director of the Pentagon’s Defense<br />
Advanced Research Projects Agency, told<br />
the committee. “I funded every idea that’s<br />
come forth in this area this year. We’re<br />
more idea-limited right now than we<br />
are funding-limited.”<br />
Acting on ramped-up industry lobbying,<br />
legislators took to task the DHS,<br />
DARPA, the National Science Foundation,<br />
and the National Institute of Standards<br />
and Technology for not seeking out<br />
or setting aside adequate funds for cybersecurity.<br />
The preoccupation with national<br />
security since the terrorist attacks of Sept.<br />
11, 2001, was expected to unleash a torrent<br />
of government spending on IT goods<br />
and services, but the federal funds have<br />
not been as forthcoming as the industry<br />
had hoped.<br />
According to committee Chairman<br />
Sherwood Boehlert, R-N.Y., there have<br />
been complaints from throughout the<br />
research community that the DHS is not<br />
focusing on solving network vulnerabilities<br />
and that DARPA is operating<br />
under reduced resources.<br />
“It’s impossible to conclude that far<br />
more needs to be done,” Boehlert said,<br />
DHS’ Ridge (center) and DARPA’s Tether (right) are tuning out<br />
Boehlert’s complaints that cyber-security gets short shrift.<br />
NEWS&ANALYSIS<br />
directing DARPA’s Tether to “enlighten<br />
us as to why we’re moving in the wrong<br />
direction.”<br />
Most of DARPA’s resources are<br />
directed at classified projects, according<br />
to Tether, who said that a peek at<br />
the agency’s classified budget would<br />
make lawmakers more comfortable with<br />
the funding level.<br />
“We’re not concerning ourselves [with]<br />
the commercial networks,” Tether said,<br />
adding that DARPA is focused on solving<br />
problems that the private sector<br />
currently does not confront. The military<br />
faces threats from “attackers whose<br />
life depends on taking the network<br />
down,” he said, and projects are under<br />
way to make those networks increasingly<br />
wireless and peer to peer.<br />
“We’re really far ahead of the commercial<br />
world in this regard,” Tether said,<br />
adding that a prototype military network<br />
with 400 nodes to use for simulated<br />
attacks is in the works.<br />
Last week, DARPA sent its data<br />
mining report to Congress. Following<br />
public outcry over the research last<br />
year, the agency changed the project’s<br />
name from Total Information Awareness<br />
to Terrorism Information Awareness.<br />
When President Bush disbanded<br />
the President’s Critical Infrastructure<br />
Protection Board earlier this year following<br />
the resignation of its chairman,<br />
Richard Clarke, responsibilities for cybersecurity<br />
were transferred to DHS Secretary<br />
Tom Ridge. However, the subject<br />
was not given a sufficiently high<br />
profile or a sufficiently high-ranking<br />
executive to satisfy the industry.<br />
Turning the tables and taking a shot<br />
at the private sector, federal research officials<br />
told the Science Committee last<br />
week that if there is less-than-optimal<br />
attention devoted to cyber-security today,<br />
it is a result of problems in industry,<br />
not the government.<br />
“As a nation, our<br />
greatest vulnerability<br />
is indifference,” said<br />
Arden Bement, NIST<br />
director, citing recent<br />
surveys indicating that<br />
private enterprises “don’t<br />
really see themselves as<br />
a target.”<br />
“They just haven’t<br />
quite stepped up to ANDERSON<br />
the plate,” said Bement,<br />
in Washington. ´ STEPHEN<br />
MAY 26, 2003 n eWEEK 33