Infrastructure security plan takes shape

CIAO

Efforts started under President Clinton to protect the nation's critical services and infrastructure are moving forward under the Bush administration, which is completing its work at organizing those efforts.

The Bush administration will shortly be releasing the recommendations from months of Cabinet-level meetings about the coordination among the numerous federal organizations involved in critical infrastructure protection. Last year, members of Congress, the General Accounting Office and others criticized what appeared to be overlapping responsibilities and a lack of coherent partnerships among the many groups.

Protecting critical infrastructures — a segment of the overall security picture that focuses on information systems that support infrastructure such as telecommunications and power — became a priority in 1998. President Clinton signed Presidential Decision Directive 63 that May, which mandated that agencies secure their own critical infrastructure systems and take the lead in private-sector security efforts.

Progress has been slow since that time, as noted in a recent report by governmentwide inspectors general. But actions by the Clinton administration in its final months and new initiatives from the Bush administration are quickening the overall effort.

"PDD 63 was a good start, but we need to move forward aggressively," said Sen. Robert Bennett (R-Utah), a longtime advocate of critical infrastructure issues.

The top recommendation may be to form a coordination board to supplement the oversight by the National Security Council, said John Tritak, director of the Critical Infrastructure Assurance Office. Such a board would include members of the CIAO and officials from major departments such as Commerce, Energy, Transportation and Treasury, officials said.

Through the CIAO, the policy support organization created by PDD 63, the Bush administration is developing the second version of the National Plan for Information Systems Protection. The first version focused almost entirely on federal responsibilities in this area.

Since the original plan's release in January 2000, the CIAO has been working with the private sector to include its input. Now Bush officials are pushing to make sure the new version — renamed the National Plan for Cyberspace Security and Critical Infrastructure Protection — is a "co-authored document," Tritak said.

The CIAO is also reaching out to state and local governments to define how they fit into the picture. Virginia officials are meeting with the CIAO to adapt federal models to the state and local environment and to foster a bottom-up approach to handling e-government issues, said Donald Upson, Virginia secretary of technology.

And one of the last initiatives from the Clinton years will get under way next month, providing an expert resource for agencies that often need help handling critical infrastructure issues.

The National Institute of Standards and Technology finally received funding in the 2001 budget for the Computer Security Expert Assist Team, a group of security experts targeted to provide outside assistance to agencies with scarce resources.

The team is in place at NIST and will start work in June. The first stage will be to respond to agency requests to review their security programs and to requests from the Office of Management and Budget to review the security for existing and planned information technology systems, according to NIST.

Featured

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    OPM nominee plans focus on telework, IT, retirement

    Kiran Ahuja, a veteran of the Office of Personnel Management, told lawmakers that she thinks that the lack of consistent leadership in the top position at OPM has taken a toll on the ability of the agency to complete longer term IT modernization projects.

  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

Stay Connected