washingtonpost.com  > Technology > Tech Policy > Security

Tech CEOs Issue Cyber-Security Recommendations

Group Seeks to Guide Policy in Bush's Second Term

By Brian Krebs
washingtonpost.com Staff Writer
Tuesday, December 7, 2004; 5:13 PM

A group representing technology industry chief executives on Tuesday warned that the Bush administration has failed to follow through on its two-year-old strategy for protecting the nation's information infrastructure and offered recommendations for improving the government's handling of cyber-security in President Bush's second term.

At the top of the Cyber Security Industry Alliance's set of recommendations is raising the profile of cyber-security at the Department of Homeland Security by elevating the position of national cyber-security director to the assistant secretary level. Such a move, the technology community and some members of Congress believe, would bring stronger leadership to the division, whose director currently reports to an assistant secretary who is responsible for both cyber and physical security threats.

Microsoft Releases 3 New Windows Security Patches (The Washington Post, Jan 12, 2005)
Another Computer Security Official Quits (The Washington Post, Jan 12, 2005)
Microsoft Patches Flaw in Service Pack 2 (washingtonpost.com, Jan 11, 2005)
More Security News

"There is not enough attention on cyber-security within the administration," said Paul Kurtz, the alliance's director and a former senior cyber-security official in the Bush administration. "The executive branch must exert more leadership."

Alliance members include Computer Associates, Juniper Networks, McAfee and Symantec.

Kurtz was joined at Tuesday's event by Amit Yoran, the former director of Homeland Security's National Cyber Security Division who resigned in September.

"We really have an opportunity here to address cyber-security in a more aggressive fashion," said Yoran, who was the third high-level cyber-security official to leave the Homeland Security Department in 18 months. "There is broad unanimity across the cyber-security community that we are still vulnerable and we need to do more."

Technology industry sources told The Washington Post in October that Yoran left his post in part because he was frustrated that he lacked sufficient authority to implement cyber-security programs.

The latest congressional effort to raise the profile of cyber-security within the Homeland Security Department failed this week. House leaders included language raising the cyber-security director's status in a major bill designed to overhaul the nation's intelligence community, but the measure was stripped from the version of the legislation agreed to by House and Senate negotiators. A Senate Republican aide familiar with the bill declined to say why the language was not included. The final version of the bill, which would create a national intelligence director and counterterrorism center, is expected to receive congressional approval before the end of the week.

The technology industry alliance's recommendations closely mirror those set out in a 41-page report issued Monday by the House subcommittee on cyber security, part of the larger Homeland Security panel. That report also called for an assistant secretary post for cyber-security at Homeland Security, and urged the administration to consider tax breaks and other incentives for businesses that make computer security a top priority.

"Right now, it's hard to see how the strategy that the administration came up with a few years ago is being systematically implemented," said Rep. Mac Thornberry (R-Tex.), chairman of the panel that produced the report.

CONTINUED    1 2    Next >

© 2004 TechNews.com