Silicon Investor (SI) -- The First Internet Community

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Technology Stocks : The *NEW* Frank Coluccio Technology Forum -- Ignore unavailable to you. Want to Upgrade?

To: Raymond Duray who wrote (5225)	3/13/2002 11:07:57 PM
From: stephen wall	Respond to of 46821

computerworld.com Schmidt lays out cyberprotection board agenda By Dan Verton (Mar. 13, 2002) Six months to the day after the Sept. 11 terrorist attacks, Howard Schmidt, vice chairman of the president's Critical Infrastructure Protection Board, said the government is close to releasing an updated plan for protecting the nation's most critical systems and networks. Schmidt, formerly chief security officer at Microsoft Corp., said a new national plan for information systems protection will be on the street this summer. The document would supercede an earlier plan released by the Clinton administration in 2000 and will be based largely on input from private companies, according to Schmidt and earlier statements made by Richard Clarke, the president's principal adviser for cybersecurity. Schmidt made the statements Monday during a live webcast sponsored by Network World magazine, a sister publication of Computerworld. National Security Council experts are poring through more than 127 questions and issues raised by private companies, which operate the bulk of the nation's critical infrastructure, including the telecommunications grid, power stations and banking and finance networks, said Schmidt. In addition to delivering the national plan to the president, Schmidt outlined three other priorities that have taken shape since the presidential advisory board was established in the wake of the Sept. 11 attacks. One of those priorities is establishing the Cyber Warning Information Network (CWIN), which would enable authorities to "short-circuit viruses" and other attacks at the boundaries of critical networks, said Schmidt. The government also wants to focus more on research and development to increase the lead time on identifying future threats. A third priority is to improve education, including at the primary grade level, on ethical principles and computer use, said Schmidt. Although terrorists have primarily used the Internet to conduct command, control and communications, there are fears that future attacks could be accompanied by cyber-based incidents. "We never know whose fingers are on the keyboard on the other end," said Schmidt. The Bush administration is working with G8 member countries to establish treaties to facilitate prosecutions for international cybercrimes, said Schmidt. And while he's satisfied that progress has been made by the private companies responsible for protecting the nation's critical systems, Schmidt said the administration has a "particular concern" about the telecommunications grid and banking and finance systems that people rely on for day-to-day living. Peggy Weigle, CEO of Santa Clara, Calif.-based security consulting firm Sanctum Inc., said her firm has conducted security audits at more than 300 companies across all sectors and found that 97% of them were vulnerable to potentially crippling attacks through the Web-based applications they use to conduct business on the Internet . Weigle also confirmed details of a story first reported by Computerworld about an audit conducted at a major airline in which the passenger manifest and reservation system was compromised (see story). Since Computerworld first reported the findings of its investigation, San Jose International Airport has appointed 20 private-sector and local government experts to a blue-ribbon panel to study the IT security technologies that hold the greatest promise of bolstering the security of the airline industry's infrastructure, said Weigle. There's a chance that the panel may become a pilot project for the rest of the industry to replicate, she said. Sanctum also conducted another audit for an electric power company and was able to compromise the utility's maintenance schedules, said Weigle. Weigle said the government may need to pass additional legislation "to make things happen" because corporate executives aren't devoting enough attention to cybersecurity. Schmidt said the level of vulnerability "varies from sector to sector" but that overall, "we've not had a very integrated approach." webcast: nwfusion.com