Federal agencies urged to secure networks

[InfoSec News <isn () C4I ORG>]

http://www.idg.net/ic_181566_1794_9-10000.html

Federal agencies urged to secure networks
By Diane Frank
Federal Computer Week, 05/23/00

Agencies need to move quickly to secure their critical networks even
without the immediate backing of Congress and the president, federal
officials urged.

It will take time before Congress can act on the president's
recommendations for critical infrastructure protection (CIP) within
the National Plan for Information Systems Protection, said Jeffery
Hunker, director of transnational threats at the National Security
Council, at the CIP 2000 Conference.

There is no greater sin then recognizing a threat and doing nothing
about it, he said. "You should not be waiting, you should not be using
the Congress as an excuse for doing nothing," Hunker said.

Sen. Robert Bennet (R-Utah) said it might take some time for Congress
to be able to respond appropriately to security threats. "We are
organized to deal with Industrial Age problems," he said. "The "love
bug' cut across all these jurisdictions instantaneously, and Congress
is not set up to deal with issues that cut across jurisdictions."

Hunker outlined six elements from the president's plan that the
administration is asking Congress to fund but agencies can act upon on
their own:

* Building a trained organization. * Developing and using best
practices and standards. * Performing and using vulnerability
assessments. * Sharing security information. * Working with warning
response and recovery organizations. * Developing systems for
obtaining resources and assigning accountability.

"Even if it is a tiny step forward, all of us can move the ball
forward in our own organizations," Hunker said.

Berislav Kucan aka BHZ
bhz () net-security org
http://net-security.org

ISN is sponsored by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".