American Internet Security plans revealed
The White House has declassified parts of a top secret plan outlining how government will protect the nation's computer networks from cyber warfare.
The announcement by cybersecurity tsar Howard Schmidt was made at the world's biggest security event. The move is aimed at encouraging greater co-operation between academia, government and the private sector. "We have to fully recognise the importance cybersecurity has in our lives," Mr Schmidt said. "We must continue to seek out innovative new partnerships - not only within government, but also among industry, government and the American public," he told delegates at the event, hosted by the security company RSA in San Francisco.
It was his first major speech to industry peers since being appointed to the job in December 2009. The Comprehensive National Cybersecurity Initiative (CNCI) was introduced in 2008 by then-President George W Bush. There are 12 parts to the CNCI, including cyber counterintelligence and deterrence strategies. For the first time the government has published a general description of what they are on its website.
The aim of the programme is threefold:
• to establish a front line of defence against today's immediate threats
• to defend against the full spectrum of threats
• to strengthen the future cybersecurity environment
The CNCI funds a number of sensitive projects including the government's Einstein technology, which focuses on securing the vast computer network that operates under the dot.gov domain, as well as detecting attempts to access those systems. The document acknowledges that traditional security approaches have fallen short, but says the federal government is moving forward in outlining "grand challenges" for the research community to help solve. Mr Schmidt said the declassification would show that the government has a workable strategy for protecting the nation's computer systems in the event of a cyber attack. Parts of the initiative that deal with the nation's offensive plans for cyberwarfare have not been made public.
Reaction to the announcement ranged from caution to praise. One supporter is Michael Markulec, chief operating officer for Lumeta, a company that provides large organisations and government agencies with secure network solutions. "This move brings more people to the table - organisations like mine that play in the cybersecurity space, experts here at the RSA who are currently not involved in discussions because they have been at a classified level inside the government. "So this allows more people to play and given that 85% of the critical infrastructure is not in government hands, it certainly makes sense to include the rest of the expertise," Mr Markulec told BBC News. Hilton Collins of Government Technology Magazine agrees. "The private sector has so much knowledge, power and money that for them to help the government innovate more technology security solutions is the right way to go." The Electronic Privacy Information Centre (Epic), which had demanded the full text of the CNCI, said it was pleased about the declassification. However the group said it still wanted to see the full document and what privacy safeguards are in place when assessing cyber threats.
Return to security news headlines
View Security News Archive