Tuesday December 4, 11:44 PM
Cyber chief to map infrastructure
By Andy Sullivan
WASHINGTON (Reuters) - The U.S. government plans to
develop a model of the nation's railroads, gas pipelines,
telecommunications networks and other "critical
infrastructures" to better understand how they affect each
other, the nation's top cybersecurity chief says.
As part of its efforts to beef up homeland security, the
federal government will set up a national centre for
infrastructure simulation and analysis in January, said
Richard Clarke, chairman of President George W. Bush's
Critical Infrastructure Protection Board.
"The centre will create, if you will, an acupuncture map of
the country, so that if there is a fire in a railroad tunnel in
Baltimore, we know the Internet slows down in Chicago,"
Clarke told a gathering of high-tech executives at the
Business Software Alliance's first Global Tech Summit on Tuesday.
The simulation is another attempt by the federal government to secure the
nation's sprawling telecommunications networks in the wake of the Sept. 11
hijacking attacks that killed 3,600 in New York and Washington.
"We have migrated function after function into the IT (information technology)
cloud without thinking about security," he said.
One way to do that, Clarke suggested in October, would be to build a secure
computer network for government agencies completely separated from the
Internet, dubbed "Govnet."
While his idea has received a mixed reception from the high-tech community,
Clarke said Tuesday that the government had received 167 private-sector
proposals on how to build Govnet.
The ideas were being reviewed by the government and a separate team at
Carnegie Mellon University, he said.
Govnet would not necessarily be built entirely from scratch, he said, but
assembled from existing agency-specific networks. It could use fingerprint
scanners, iris scanners or other "biometric" devices to screen users, he said.
"With all these things, we might be able to set an example with Govnet," he said.
Clarke also appealed to the private sector, which controls the vast majority of
the Internet's infrastructure, to beef up its security practices as well.
"We need to decide that IT security functionality will be built into what we do.
It's not an afterthought anymore," he said.
Software products should be shipped with security settings at their highest
level, he said, and high-speed Internet providers should require individual users
to install "firewalls" to protect against damaging viruses.
Software companies should not just make "patches" available to fix
vulnerabilities in their products, but automatically update users' software for
them, he said.
"It's not beyond the wit of this industry to figure out a way of forcing down
these patches," he said.
uk.news.yahoo.com
steve |
