Industry balks at Clinton critical protection plan

The Clinton administration took its first step last week to form partnerships with companies and private-sector groups to protect the nation's critical infrastructures from electronic and physical threats, but the effort is already drawing criticism from the telecommunications industry.

The Commerce Department's National Telecommunications and Information Administration (NTIA) released a request for expressions of interest to enlist telecommunications companies and hardware and software suppliers to develop a plan to protect the information and communications infrastructure from cyberattacks.

The effort is the result of President Clinton's May directive that requires agencies to reach out to the owners and operators of financial markets, power grids, water supplies and telecommunications systems to develop a way to protect from cyberattacks the computers that support those critical infrastructures.

While most experts generally agree on the need to develop a national plan for protecting the critical assets— something that would not necessarily occur under the direct control of the government— enticing the private sector to work with the government has often been considered one of the primary hurdles standing in the way of making the program work.

The NTIA request calls for volunteers as "sector coordinators," who will work with the government to assess the vulnerabilities of the communications sector to cyberattacks and propose a system for identifying and preventing attacks. The coordinators— which could include trade associations, professional societies or consortiums formed especially for infrastructure protection— also will develop a plan for alerting, containing and rebuffing an attack in progress.

According to NTIA's request, the private sector would provide information to the government about cyberattacks, but the government would not be required to supply the private sector with information, said Mark Gembicki, president of WarRoom Research LLC in Annapolis, Md., and head of the Manhattan Cyber Project, a government/industry partnership to study information warfare attacks on the nation's infrastructure.

The President's Commission on Critical Infrastructure Protection, which first recommended the partnerships, hosted a simulation that tested this type of relationship among the government and the owners and operators of the critical infrastructures. As part of the simulation, the private-sector participants were required to forward information about threats and vulnerabilities to law enforcement agencies. Before the end of the simulation, the private-sector participants quit because they were not receiving any information back from the government, said Gembicki, who was a participant.

The private sector also is reluctant to enter into the partnerships because of worries about what may happen to threat and vulnerability information turned over to the government, said Daniel Wiener, vice president of advanced technology programs at Unisys Corp.

"There is a legitimate need to share information, but the issue is: Can the government protect it?" Wiener said. He also questioned whether industry participants would be able to justify a business case for the costs associated with being a sector coordinator.

However, Irwin Pikus, director of the infrastructure assurance program at Commerce's NTIA, said, "This is an area that is of interest to a large number of people in the private sector. It's ripe for an undertaking. It affects their own business interests. They are indeed good citizens; they have a feeling for their role in protecting national security."


  • Elections
    voting security

    'Unprecedented' challenges to safe, secure 2020 vote

    Our election infrastructure is bending under the stress of multiple crises. Administrators say they are doing all they can to ensure it doesn't break.

  • FCW Perspectives
    zero trust network

    Can government get to zero trust?

    Today's hybrid infrastructures and highly mobile workforces need the protection zero trust security can provide. Too bad there are obstacles at almost every turn.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.