Feds, states, industry need to work together to confront potential attacks, Virginia governor says
Calling the Internet and information technology "tools of freedom in the
21st century," Virginia Gov. Jim Gilmore told a House committee Oct. 17
that the nation's cybersecurity efforts to protect those tools need to encompass
all levels of government — local, state and federal — as well as the private
Gilmore told the House Science Committee that following the Sept. 11
terrorist attacks, officials must assume that terrorists or hostile nations
are capable of severely disrupting the country's critical infrastructures.
Gilmore is chairman of an advisory panel that Congress established in 1999
to assess America's ability to respond to terrorism involving weapons of
Critical infrastructures — such as banking and finance systems, health
care facilities, the delivery of goods and more — all rely on IT connections
and databases, "and each can be shut down or severely handicapped by a cyberattack,"
In Virginia, a state that contains information assets at critical sites,
such as the Pentagon, the CIA and a Federal Reserve Bank, state officials
are developing a plan that could be a model for a national cybersecurity
strategy, Gilmore said. The plan involves cataloging current and new critical
information assets, establishing a program to manage each one's unique risk
and coordinating preparations with federal government, state, industry and
public organizations that depend on them, he said.
Gilmore offered several recommendations to the panel on how to manage
* Create an independent advisory board to evaluate programs that are
designed to promote cybersecurity and recommend strategies to the president
and Congress. The panel would review federal laws relating to cybersecurity,
study cybersecurity issues and provide new ideas to the director of the
Office of Homeland Security, Tom Ridge.
* Create a nonprofit organization to represent the interests of public
and private stakeholders and hammer out disagreements on the sharing of
intelligence and real-time information between them. The private sector
is concerned about how sharing data could impact customers' privacy, and
companies want to guard their proprietary information, such as earnings,
* Create a special "cyber court," similar to the court allowed under
the Foreign Intelligence Surveillance Act, that would enable prosecutors
and investigators, working with judges experienced in cybersecurity issues,
to act quickly while protecting civil liberties.
* Create a publicly funded consortium of nonprofit universities and
think tanks that would enhance cybersecurity research and development efforts
and boost the number of researchers in future generations. The Science Committee
recently held a hearing on the lack of cybersecurity research being done,
and Chairman Sherwood Boehlert (R-N.Y.) said this proposal in particular
"is music to our ears."
* Have all government agencies continue their Year 2000 offices as "cybersecurity
NEXT STORY: Bush panel to fight cyberterror