- The Washington Times - Wednesday, September 18, 2002

The Bush administration's top computer-security chief said companies and consumers must share responsibility with the federal government to protect cyberspace.

"Almost all of us rely on cyberspace. Everyone has to understand how to protect their part of it," said Richard A. Clarke, special adviser to the president for cyberspace security.

In a draft of the 65-page report circulated by the White House yesterday, Mr. Clarke outlines more than 80 proposals that consumers, large companies, industry sectors and the federal government can take to bolster security.

The report recommends home users be more vigilant in updating anti-virus software and large companies articulate security policies and enforce them. It also suggests companies within key sectors of the economy like the banking, transportation, energy and chemical industries force computer vendors to sell more secure technology by leveraging their buying power and purchasing equipment together.

"It's a very pragmatic plan," said Alan Paller, director of research at SANS Institute, a computer-security think tank in Bethesda.

Among the most impressive recommendations, Mr. Paller said, is one forcing each branch of the federal government to test computer systems regularly.

Mr. Clarke, a former Clinton administration official hired last October to shore up the nation's cyberspace security, will release the report today at Stanford University on the one-year anniversary of the costly attack of the worm and virus hybrid called Nimda. That attack infected more than 2.2 million servers and personal computers after starting on Sept. 18, 2001, and caused more than $635 million in damages.

The report does not recommend bolstering computer security by enacting government regulations. Mr. Clarke denied that the private sector lobbied hard to keep restrictions on computer makers and Internet-service providers out of the recommendations.

"We have not been changing things under pressure from anyone," he said.

Harris Miller, president of the Information Technology Association of America, an industry trade group based in Arlington, said thrusting new regulations on technology firms won't improve computer security.

"There are a few ivory-tower academic types who think that government regulation will make all the problems go away. But the idea that regulations are the solution is naive," Mr. Miller said.

But unless everyone takes steps to improve security, little is gained because seemingly secure computers connected to the Internet are vulnerable, Mr. Paller said.

"Those who don't [bolster security] put all the rest of us at risk," he said.

Relying on consumers to take voluntary steps to improve the security of home computers could be risky, according to a new report. An online survey released yesterday by the National Cyber Security Alliance found that 75 percent of people questioned are open to computer attacks because they don't have anti-virus software or don't update it often enough.

Bolstering computer security has become more urgent as the nation becomes more dependent on technology, according to Mr. Clarke's report.

Before his new proposal to beef up computer security, Mr. Clarke's signature plan was one last year to start GovNet, a secure network to support government telecommunications.

Copyright © 2018 The Washington Times, LLC. Click here for reprint permission.

The Washington Times Comment Policy

The Washington Times is switching its third-party commenting system from Disqus to Spot.IM. You will need to either create an account with Spot.im or if you wish to use your Disqus account look under the Conversation for the link "Have a Disqus Account?". Please read our Comment Policy before commenting.

 

Click to Read More and View Comments

Click to Hide