, SecurityFocus 2008-04-12
SAN FRANCISCO, Calif. -- Top Bush Administration officials descended on the RSA Security Conference this week laying out the government's plans for protecting critical networks and giving a small taste of the latest national cyber exercise, Cyber Storm II.
On Tuesday, Michael Chertoff, Secretary of the five-year-old Department of Homeland Security, stood in front of attendees during an unscheduled keynote and reiterated many of the themes pushed by the Bush Administration -- and the Clinton Administration before it -- regarding cybersecurity. Among the top initiatives, Chertoff expounded on the need for public-private partnerships, and for each company and organization to protect their part of the network.
"Because of the interdependence of our society and our economy, a cyberattack would have consequences across the market," Secretary Chertoff told attendees. He added: "A single individual, a small group of people, and certainly, a nation-state can cause damage on a scale that had previously been seen only if you dropped bombs."
The Department of Homeland Security gave security professionals the full-court press at the conference. In addition to trotting out Secretary Chertoff, the U.S. agency also had Gregory Garcia, the assistant secretary for cyber security and communications, speak during two sessions, including a "Town Hall" meeting on Wednesday that discussed some aspects of last month's cyber response exercise.
Other business and government officials -- including Rep. James Langevin (D-RI), the chairman of the House Subcommittee on Emerging Threats, Cybersecurity and Science and Technology, who has been critical of some of the Bush Administration efforts -- credited the government with making some progress in the past year.
"Up 'til now, in many respects, it has been an area that has largely been ignored by the government," Langevin said during a Tuesday panel on the nation's cyber readiness. "I believe we will never be 100 percent secure just because of the nature of the Internet, but I believe we have to" work together to improve security.
The focus on cybersecurity is a departure from the short shrift that the government gave to the issue at the beginning of the decade. While the Bush Administration released its National Strategy to Secure Cyberspace in 2003, the final document significantly softened the government's stance on securing critical infrastructure, which is primarily maintained by private companies. The Administration also collected most of the cybersecurity capabilities into the Department of Homeland Security and then failed to fund the efforts.
On Tuesday, Secretary Chertoff stressed that DHS intended to fund the U.S. Computer Emergency Readiness Team (US-CERT), the nation's cyber response organization, at $115 million in 2008, with a requested budget of $192 million in 2009.