Agencies urged to secure networks

Agencies need to move quickly to secure their critical networks even without

the immediate backing of Congress and the president, federal officials urged.

It will take time before Congress can act on the president's recommendations

for critical infrastructure protection (CIP) within the National Plan for

Information Systems Protection, said Jeffery Hunker, senior director for

infrastructure protection at the National Security Council, at the CIP 2000 Conference.

There is no greater sin then recognizing a threat and doing nothing about

it, he said. "You should not be waiting, you should not be using the Congress

as an excuse for doing nothing," Hunker said.

Sen. Robert Bennet (R-Utah) said it might take some time for Congress to

be able to respond appropriately to security threats. "We are organized

to deal with Industrial Age problems," he said. "The "love bug' cut across

all these jurisdictions instantaneously, and Congress is not set up to deal

with issues that cut across jurisdictions."

Hunker outlined six elements from the president's plan that the administration

is asking Congress to fund but agencies can act upon on their own:

* Building a trained organization.

* Developing and using best practices and standards.

* Performing and using vulnerability assessments.

* Sharing security information.

* Working with warning response and recovery organizations.

* Developing systems for obtaining resources and assigning accountability.

"Even if it is a tiny step forward, all of us can move the ball forward

in our own organizations," Hunker said.

Featured

  • Comment
    customer experience (garagestock/Shutterstock.com)

    Leveraging the TMF to improve customer experience

    Focusing on customer experience as part of the Technology Modernization Fund investment strategy will enable agencies to improve service and build trust in government.

  • FCW Perspectives
    zero trust network

    Why zero trust is having a moment

    Improved technologies and growing threats have agencies actively pursuing dynamic and context-driven security.

Stay Connected