A national strategy for securing cyberspace. (Tech Talk).This month, the White House Office of Cyberspace Coined by William Gibson in his 1984 novel "Neuromancer," it is a futuristic computer network that people use by plugging their minds into it! The term now refers to the Internet or to the online or digital world in general. See Internet and virtual reality. Contrast with meatspace. Security will release the first draft of the national strategy for cybersecurity. The strategy, which has been in the works since last year, has been developed with the assistance of many information security professionals in the private sector, particularly those whose industries are part of the nation's critical infrastructure sectors, such as the chemical and energy sectors. The effort will be ongoing, however, even after the plan is formally issued; the policy is designed to be updated regularly as the threats to information security change and grow. Tiffany Olson, the deputy chief of staff on the president's Critical Infrastructure Protection Department of Defense (DOD) program to identify and protect assets critical to the Defense Transportation System. Loss of a critical asset would result in failure to support the mission of a combatant commander. Board (CIPB CIPB Citizens for Independent Public Broadcasting CIPB Critical Infrastructure Protection Board (NIPC) CIPB Computer-Integriertes Private Banking CIPB China International Poster Biennial CIPB Canadian Initiative for the Prevention of Bullying ), explains that the plan is divided into five levels: home users and small businesses; major enterprises; sectors of national information infrastructure (including local, state, and federal government); national level institutions and policies (including groups that oversee the mechanics of the Internet itself); and global. "In each section [of the strategy], we'll talk about some of the problems and issues surrounding that area, we'll talk about what's already in place, what's worked and what hasn't worked, and some of the new recommendations to improve that area," Olson says. She says that the goal of the plan is to provide information and benchmarks, not to set up government control. "We are supportive of best-practices guidelines, which we will have in the national strategy, but in no way are we trying to regulate any of the sectors," she says. While she declined to name what particular benchmarks will be included in the strategy, she said that some are being taken from existing knowledge and some have been created for this initiative by industry professionals. Scott Blake, vice president of information security at Internet security ''This article or section is being rewritten at Internet security is the process of protecting data and privacy of devices connected to internet from information robbery, hacking, malware infection and unwanted software. company BindView, worked with the Information Technology Association of America See ITAA. to get feedback for the plan from high-tech industries. He says that the plan will try to balance specific recommendations with broader issues. "It will be a mix of the two," he says. "It doesn't get to the level of specificity of something like the Center for Internet Security's benchmarks [which allow system administrators to measure the level of security of their operating systems Operating systems can be categorized by technology, ownership, licensing, working state, usage, and by many other characteristics. In practice, many of these groupings may overlap. ], but it is more specific than saying 'We need to share information.' Rather, it will explain how to do it," he says. Olson says that one of the most interesting ideas the board is working on is an assistance program to help small businesses beef up computer security, and she is meeting with the Small Business Administration to work out the details. For starters, the program will focus on awareness and education of cybersecurity among small business owners, she says. "We're considering the idea of grants or loans to small businesses if they implement cybersecurity into their business plans," she says, but that step has not yet been approved. The CIPB solicited comments and recommendations in a number of ways designed to get maximum input from those involved with protecting cyberspace. ASIS International ASIS International (each letter pronounced separately), previously known as American Society for Industrial Security (ASIS) is an international organization for security professionals. Founded in 1955, it has more than 34,000 members in 204 chapters worldwide. was among the groups helping to orchestrate input. It was asked to assist with setting up four local "town ball meetings" where local businesses, as well as political, security, and law enforcement leaders, could attend and comment. These meetings, which were held through the spring and summer in Denver, Chicago, Portland, and Atlanta, allowed CIPB members, including Richard Clarke Richard Clarke may be
"I think the town hail meeting was a great idea, not just because of the people who got up to say something, but because of all the discussions that happened throughout the day" between CIPB members and attendees, says Alan Paller, director of research at the SANS Institute The SANS Institute (SysAdmin, Audit, Networking, and Security) is a trade name owned by the for-profit Escal Institute of Advanced Technologies. SANS provides computer security training, professional certification, and a research archive. , an information security research and educational organization. Paller's organization was another source of feedback for the plan. SANS used its Web site to post the questions chosen by the CIPB to guide respondents in addressing key issues of the plan. It then collected the answers and compiled them for the drafters of the plan. Paller says that the SANS site alone collected more than 200 suggestions. The rollout of the plan this month in San Jose, California San Jose (IPA: /ˌsænhoʊˈzeɪ/) is the third-largest city in California, and the tenth-largest in the United States. It is the county seat of Santa Clara County. , is only the next step in the plan's evolution, according to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. Olson. "We have a second series of town hail meetings coming up with the rollout of the strategy," she says. "Those town halls, just as with the first series, are there for two purposes: to raise awareness on cybersecurity issues at state and local levels and to receive input on the national strategy." The meetings, which will continue through December, will take place in a number of cities, including Boston, New York Boston is a town in Erie County, New York, United States. The population was 7,897 at the 2000 census. The town is named after Boston, Massachusetts. The Town of Boston is an interior town of the county and one of the county's "Southtowns. , Phoenix, and San Antonio San Antonio (săn ăntō`nēō, əntōn`), city (1990 pop. 935,933), seat of Bexar co., S central Tex., at the source of the San Antonio River; inc. 1837. . @ For more information on when and where they will be held, go to SM Online and to "Beyond Print." Then scroll to this item in "Tech Talk" |
|
||||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion