IT firms unite to share security info

Presidential Decision Directive 63

Nineteen information technology companies came together Tuesday to formally announce the creation of a fourth center to help protect the information systems that support the United States' critical infrastructure.

The IT sector is the latest to form an information sharing and analysis center, as called for under Presidential Decision Directive 63. Issued by President Clinton in May 1998, PDD 63 sets the requirements for critical infrastructure protection.

The ISACs are intended to provide a mechanism for companies within the eight infrastructure sectors to share information about cyber threats, vulnerabilities and solutions.

In addition to the new IT-ISAC, the three sectors that have formed ISACs are banking and finance, telecommunications and electric power.

The arrangements create "a trusted path," said Richard Clarke, national coordinator for security, infrastructure protection and counterterrorism at the National Security Council. Such trust will allow federal organizations such as the National Infrastructure Protection Center and federal agency computer emergency response teams to share security information, Clarke said.

While there are still four sectors to go, the creation of the IT-ISAC keeps the effort moving in the right direction, said Norman Mineta, secretary of the Commerce Department, the agency that serves as sector liaison for the IT industry.

"I think that it is a giant step forward in making sure that the nation's networks are as secure as we can make it," Mineta said. It is important that all sectors start their own centers, but the IT sector "is absolutely critical because it permeates the economy so completely," he said.

The IT-ISAC will recruit more IT companies to join. The technical work will be done by Internet Security Systems Inc., a security company that offers intrusion detection, vulnerability analysis and other products and services.

The information sharing will enable the members of the IT sector to better understand threats, collect and develop best practices and collaborate on potential solutions. That will lead to improved products and services for customers, including federal agencies, said Philip Lacombe, president of the information and infrastructure protection sector at Veridian.

The founding members of the IT-ISAC are Computer Sciences Corp., Veridian, Cisco Systems Inc., Hewlett-Packard Co., IBM Corp., Oracle Corp., Microsoft Corp., AT&T, Computer Associates International Inc., Electronic Data Systems Corp., Entrust Technologies Inc., Intel Corp., KPMG Consulting LLC, Nortel Networks Ltd., RSA Security Inc., Securify Inc., Symantec Corp., Titan Systems Corp. and VeriSign Inc.


  • IT Modernization
    Eisenhower Executive Office Building (Image: Wikimedia Commons)

    OMB's user guide to the MGT Act

    The Office of Management and Budget is working on a rules-of-the-road document to cover how agencies can seek and use funds under the MGT Act.

  • global network (Pushish Images/

    As others see us -- a few surprises

    A recent dinner with civil servants from Asia delivered some interesting insights, Steve Kelman writes.

  • FCW Perspectives
    cloud (Singkham/

    A smarter approach to cloud

    Advances in cloud technology are shifting the focus toward choosing the right tool for the job and crafting solutions that truly modernize systems.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.