Feds shape cyberwarning strategy
- By Diane Frank
- Aug 14, 2000
Under pressure from Congress to better coordinate the government's response
to computer viruses and other cyberattacks, the National Security Council
has developed a plan outlining roles and responsibilities for federal cybersecurity
Under the plan — sent out to those organizations and federal agencies
late last month — the National Infrastructure Protection Center, working
with the General Services Administration's Federal Computer Incident Response
Capability office, will take the lead in alerting agencies to cyberattacks
and will coordinate any immediate response.
The memo identifies the organizations and agencies to be involved in
various kinds of attacks and defines the criteria for NIPC to call a meeting
of the full cybersecurity community.
NSC — working with Richard Clarke, the national coordinator for security,
infrastructure protection and counter- terrorism — will step in whenever
a security response requires a broad policy decision, according to the plan.
"This institutionalizes how we will share information both at an operations
level and a policy level when cyber-incidents occur," said Mark Montgomery,
director of transnational threats at NSC.
Many observers have called for coordination among organizations such
as NIPC, the Critical Infrastructure Assurance Office (CIAO) and NSC itself.
NIPC, based at the FBI, was established in 1998 to serve as the government's
central organization to assess cyberthreats, issue warnings and coordinate
responses. The CIAO was set up to help agencies develop and coordinate
security policies and plans.
"The proliferation of organizations with overlapping oversight and assistance
responsibilities is a source of potential confusion among agency personnel
and may be an inefficient use of scarce technical resources," said Jack
Brock, director of governmentwide and defense information systems at the
General Accounting Office, speaking before Congress in February.
The calls for coordination became louder after the "I Love You" virus
in May affected almost every federal e-mail server and taxed many agencies'
resources. The lack of formal coordination and communication led to many
more agencies being affected by the incident than necessary, according to
Although the many warning and response organizations work together,
the NSC memo lays out a standard process for coordination, said John Tritak,
director of the CIAO.
In the past, that type of coordination happened an ad hoc basis, an
administration official said. Now, as laid out in the memo, the process
is set so that it can last through the November election and into the next
administration, he said.
"Some of the formal mechanisms that existed were frankly ineffective
in the tasks they were meant to do," another administration official said.
"For circumstances that are extraordinary, we now have a process where the
NIPC will coordinate the operational response, and the National Security
Council will head the policy response."