- The Washington Times - Thursday, June 5, 2003

Today, the Bush administration announced a new division charged with ensuring the nation is prepared to defend itself against the growing threat of cyber attacks.

This is a welcome move to those of us who have long been calling for greater national and global attention to information security.But it is just one step, and one that can only succeed with long-term commitment and involvement from officials in the highest ranks of both business and government.

More than 20 months after the September 11 terrorist attacks thrust security to the forefront of global policy debates, the United States has made significant strides in improving it’s physical and information security. Unfortunately, we still remain largely ill-prepared to defend against threats to our critical information networks, meaning a major virus or attack could wreak havoc on our communications, transportation, utility, financial or other vital information backbones.

And the number and potential severity of such attacks is increasing. In the first quarter of this year, the Computer Emergency Response Team (CERT) at Carnegie Mellon University received more than 42,000 reports of network attacks and intrusions. That’s more than half of the attacks reported in all of 2002, indicating the number of incidents could well be on its way to quadrupling in 2003.

These numbers underscore the need to ensure that the White House, Congress and the private sector work quickly, aggressively and cooperatively to reverse that trend. A blueprint for this daunting task is already in place with the National Strategy to Secure Cyber Space, which was released earlier this year by the Bush administration.

The Department of Homeland Security announcement takes the next step of creating a formal structure for overseeing implementation of that plan. Congress must follow suit with strong oversight of the department and other federal agencies, aggressive monitoring of the security of federal information systems and the appropriation of adequate resources to keep government computer systems safe.

At the same time, companies large and small must enlist their top executives to ensure that the private sector — which owns nearly 90 percent of the nation’s increasingly important information networks — is held accountable for securing its information systems. And despite tough economic times, companies must also stay dedicated to developing new cutting-edge solutions for protecting public and private networks alike.

We all have a responsibility to make this work. Meeting the information security challenge is not just the job of the government. It is not just the job of industry.It is not just the job of universities and schools. It is not just the job of the home user. It is everyone’s job, and industry and government can set the example by making sure that this issue is at the CEO level of every organization.

In the federal government, recent legislation that imposes baseline security requirements for agency computer networks is starting to make a difference. But Congress needs to do more. It needs to use these new laws to make sure that the heads of agencies that fail to meet crucial digital-age security requirements are held accountable.

Accountability is just as important in the private sector.While some large corporations are spending hundreds of millions of dollars in training programmers or establishing multiple layers of security, more can be done. A first step for private companies is to integrate information security into their core business operations.

Today, as the Bush administration has done, let’s renew our commitment do our part and make information security a top priority.

Robert Holleyman is president and CEO of the Business Software Alliance. Rep. Adam Putnam is chairman of the House Government Reform Subcommittee on Technology, Information Policy, Intergovernmental Relations and the Census.

Sign up for Daily Newsletters

Manage Newsletters

Copyright © 2021 The Washington Times, LLC. Click here for reprint permission.

Please read our comment policy before commenting.


Click to Read More and View Comments

Click to Hide