Return-Path: <sentto-279987-3101-1003420283-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Thu, 18 Oct 2001 08:52:07 -0700 (PDT) Received: (qmail 19539 invoked by uid 510); 18 Oct 2001 15:51:01 -0000 Received: from n6.groups.yahoo.com (216.115.96.56) by 204.181.12.215 with SMTP; 18 Oct 2001 15:51:01 -0000 X-eGroups-Return: sentto-279987-3101-1003420283-fc=all.net@returns.onelist.com Received: from [10.1.1.223] by n6.groups.yahoo.com with NNFMP; 18 Oct 2001 15:51:23 -0000 X-Sender: fc@big.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-8_0_0_1); 18 Oct 2001 15:51:22 -0000 Received: (qmail 46191 invoked from network); 18 Oct 2001 15:51:15 -0000 Received: from unknown (10.1.10.26) by 10.1.1.223 with QMQP; 18 Oct 2001 15:51:15 -0000 Received: from unknown (HELO big.all.net) (65.0.156.78) by mta1 with SMTP; 18 Oct 2001 15:51:15 -0000 Received: (from fc@localhost) by big.all.net (8.9.3/8.7.3) id IAA14731 for iwar@onelist.com; Thu, 18 Oct 2001 08:51:15 -0700 Message-Id: <200110181551.IAA14731@big.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL1] From: Fred Cohen <fc@all.net> X-Yahoo-Profile: fcallnet Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Thu, 18 Oct 2001 08:51:14 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: [iwar] [fc:U.S..Cyberspace.Security.Office.Must.Define.Its.Mission.--.Now] Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit U.S. Cyberspace Security Office Must Define Its Mission -- Now Rich Mogull, Gartner Group, 10/18/2001 <a href="http://www3.gartner.com/DisplayDocument?doc_cd=101748">http://www3.gartner.com/DisplayDocument?doc_cd=101748> The U.S. government's new Cyberspace Security Office marks an important first step in protecting America's electronic infrastructure. However, the office must immediately establish its responsibility and authority. Event On 9 October 2001, the U.S. government announced the creation of the Office of Cyberspace Security to advise the president on risks to electronic infrastructure and protective measures. Richard Clarke, a longtime senior public servant and a well-known authority on cybersecurity, will head the office, which is part of the new Office of Homeland Security, formed in response to the terrorist attacks of 11 September 2001. First Take The U.S. government has made a positive move, but many questions remain about the role of the Office of Cyberspace Security. A highly experienced, capable leader, Clarke needs to define the role of the office and to secure clear authority, budget and resources. The United States needs an effective cybersecurity agency with the clout to get the job done. Gartner believes the office should take a proactive role in: * Coordinating federal resources serving as both a single point of contact and a coordination center for incident reporting and resolution * Managing information serving as a single point of contact for the public and private sectors, monitoring incidents and trends to better issue public alerts and to prepare and coordinate defenses, and receiving and disseminating appropriate, timely information from intelligence and other agencies * Developing public policy studying vulnerabilities and crafting legislative responses, e.g., mandating tighter security requirements for Internet service providers, such as ingress and egress filtering to limit spooling * Fostering public/private cooperation working closely with the private sector to gather information and provide needed intelligence and guidance. Enterprises need to feel confident that they can notify the government of threats without compromising their business interests, and the government needs their assistance in dealing with threats. Previous government attempts at cybersecurity have generally been ineffective; in fact, the government tends to do a poor job of securing its own systems, let alone those of the private sector. The Office of Cyberspace Security also faces all the usual problems of new government agencies, including the government's traditional difficulties in working with the private sector and turf wars over budget, personnel and mission. Defining the office's mission is by far the most important priority. The office must immediately define its responsibilities and authority to avoid the problems that hampered previous efforts to secure electronic infrastructure and allowed serious security breaches. Analytical Source: Rich Mogul, GartnerG2 Written by: Terry Allan Hicks, gartner.com ------------------------ Yahoo! Groups Sponsor ---------------------~--> Get your FREE VeriSign guide to security solutions for your web site: encrypting transactions, securing intranets, and more! http://us.click.yahoo.com/UnN2wB/m5_CAA/yigFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-12-31 20:59:55 PST