Return-Path: <sentto-279987-2806-1002644999-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Tue, 09 Oct 2001 09:31:08 -0700 (PDT) Received: (qmail 21494 invoked by uid 510); 9 Oct 2001 16:29:54 -0000 Received: from n1.groups.yahoo.com (216.115.96.51) by 204.181.12.215 with SMTP; 9 Oct 2001 16:29:54 -0000 X-eGroups-Return: sentto-279987-2806-1002644999-fc=all.net@returns.onelist.com Received: from [10.1.4.56] by n1.groups.yahoo.com with NNFMP; 09 Oct 2001 16:29:57 -0000 X-Sender: fc@big.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-7_4_1); 9 Oct 2001 16:29:59 -0000 Received: (qmail 60807 invoked from network); 9 Oct 2001 16:29:59 -0000 Received: from unknown (10.1.10.27) by l10.egroups.com with QMQP; 9 Oct 2001 16:29:59 -0000 Received: from unknown (HELO big.all.net) (65.0.156.78) by mta2 with SMTP; 9 Oct 2001 16:29:58 -0000 Received: (from fc@localhost) by big.all.net (8.9.3/8.7.3) id JAA24183 for iwar@onelist.com; Tue, 9 Oct 2001 09:29:58 -0700 Message-Id: <200110091629.JAA24183@big.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL1] From: Fred Cohen <fc@all.net> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Tue, 9 Oct 2001 09:29:58 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: [iwar] [fc:Cyber.Security.Key.to.New.U.S.Initiative] Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cyber Security Key to New U.S Initiative By Jay Lyman, www.NewsFactor.com, 10/9/2001 <a href="http://dailynews.yahoo.com/h/nf/20011009/tc/14015_1.html">http://dailynews.yahoo.com/h/nf/20011009/tc/14015_1.html> Federal and other officials say that cyber security will be a key component of the new Office of Homeland Security -- but some computer security experts worry that more bureaucracy will bog down protection. While the man named to head the new office, former Pennsylvania governor Tom Ridge, has a history of tapping technology for public policy issues, there is concern over his ability to coordinate some 40 agencies, including the Federal Bureau of Investigation (FBI (news - web sites)) and the Central Intelligence Agency (news - web sites) (CIA (news - web sites)). And although officials as high as the President of the United States stress the value of secure information in the war on terrorism, industry experts doubt that government can cut through the red tape to protect the Internet. "I think there's a big need [for cyber security], but I'm not sure the way the government is going about it will really have much effect," SecurityFocus incident analyst Ryan Russell told NewsFactor Network. "I think we're a long way off from being secure. The best we can do is act responsively, and I don't see that changing for at least the next decade." Information Is Power There has been some skepticism that a new Office of Homeland Security is the best way to address the kinds of security gaps that allowed September's hijackers to slip through the system, and to prevent future attacks, including on the Web. But at Ridge's swearing in on Monday, President George W. Bush (news - web sites) said the new office has his weight behind it. "The Homeland Security Office has a series of specific goals, and will have my authority to meet them," the President said. "One, take the strongest possible precautions against terrorism by bringing together the best information and intelligence. In the war on terror, knowledge is power." While it is still taking shape, the "homeland defense" initiative also includes a new deputy national security adviser who will coordinate anti-terrorism efforts of the National Security Council, which now includes an Office of Cyber Security. Tech Admins Only Still, security experts like Russell say that cyber security problems center on the need for system administrators, not federal administrators. "It looks like most of the problems out there have to do with bodies to do the work," he told NewsFactor. Russell, who recalled a two-day authority delay when he was asked to look at a government agency server, said officials typically focus too much on "penetration testing" to find out whether systems are vulnerable, leaving the same security holes year after year. "They're finding gaping, massive holes and keep coming back and finding the same problems over and over again," he said. "You never can tell what's going to result, but I'm skeptical based on the past." A New World Russell did say that the terrorist attacks may have changed the mindsets of government officials and large software makers like Microsoft (Nasdaq: MSFT - news), putting a new priority on security. "They seem to be acknowledging there is a systemic problem," Russell said, adding that government is a large user of Microsoft products and has the same security problems as other users of the popular software. Speaking at the White House on Monday, Ridge -- who has made deals with Microsoft, Unisys and other technology companies while governor of Pennsylvania -- indicated a need to bring together the various federal, state and local agencies involved in securing everything from local highways to the information superhighway. He added that candor and cooperation would be the driving principle for the new office. "The President's executive order states that we must detect, prepare for, prevent, protect against, respond to and recover from terrorist attacks -- an extraordinary mission," Ridge said. "But we will carry it out." ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-12-31 20:59:54 PST