May 2002: The White House says it will release the final version of
the cybersecurity strategy on Sept. 19, 2002.
Sept. 17, 2002: Despite plans to have technology luminaries like
Microsoft Chairman Bill Gates in attendance at a big signing ceremony
at Stanford University, the White House decides to hold back the final
cybersecurity plan. Instead, it says it will release another draft to
seek further comment from businesses most likely to be affected by the
Cyber-Attacks by Al Qaeda Feared (The Washington Post, Jun 27, 2002)
White House Pushing Cybersecurity Insurance (washingtonpost.com, Jun 27, 2002)
Related Documents and Resources On The Web (washingtonpost.com, May 16, 2003)
Key Players in U.S. Government's Cybersecurity Efforts (washingtonpost.com, May 16, 2003)
A Short History of Computer Viruses and Attacks (washingtonpost.com, Feb 14, 2003)
Sept. 19, 2002: The cybersecurity plan draft is released. It has been shorn of some of its most controversial provisions, including a proposal that would have required high-speed Internet service providers to bundle firewall products with their
services. The administration also pulls language calling for an industry-fed cybersecurity fund, as well as a section on restricting the use of emerging wireless networks until their security is approved. The draft plan is critized by some security groups who accuse the administration of kowtowing to industry pressure.
Nov. 2002: For the third year in a row, most federal agencies earn
failing marks for computer security.
Nov. 2002: President Bush signs the "Cybersecurity Research &
Development Act," which calls for $900 million over five years for
security research and education.
Nov. 2002: President Bush signs legislation creating the Department of
Homeland Security, a department that absorbs 22 federal agencies, including five cybersecurity offices and programs. The law expands
the ability of authorities to obtain information from telephone and Internet service providers. The legislation also
increases fines and jail terms for a range of computer crimes, and calls for life in prison for hackers whose online antics result in the serious bodily injury or death of another.
Jan. 2003: White House cybesecurity czar Richard Clarke resigns.
Howard Schmidt, vice chairman of the President's Critical Infrastructure Protection Board and former chief security officer at Microsoft Corp., assumes his duties.
Feb. 2003 The White House releases the cybersecurity plan after President Bush gives his formal approval in late
January. It includes handy tips for home Internet users to keep their networks safe, as well as similar recommendations for busines
s. It also calls for government contingency plans in case a major section of the Internet is rendered inaccessible because of a cyberattack.
Mar. 2003: The Homeland Security Department names a senior executive from Coca Cola Corp. -- Robert Liscouski --
and a former CIA official -- Paul Redmond -- to top positions dealing with information security. The administration also says it pl
ans to ask Frank Libutti, the former NYC Police Department's counterterrorism chief, as the undersecretary for information analysis
and infrastructure protection.
Apr. 2003: The Homeland Security Department picks Nuala O'Connor Kelly, the former chief privacy officer of DoubleClick Inc., as its privacy czar.
Apr. 2003: Howard Schmidt resigns as White House cybersecurity officer after only two months on the job. The move reflects the administration's intent to centralize cybersecurity authority in the new Department of Homeland Security.
May 2003: The Homeland Security Department says it will create an office specifically to carry out the White House's national cybersecurity strategy.