Protection plan awaits White House revisions

The Bush administration has been working for months to refine the strategy for protecting the government's critical infrastructure, moving to update President Clinton's 1998 outline in Presidential Decision Directive 63 to reflect current problems and solutions.

White House officials plan to soon issue a new executive order outlining a board comprising officials across government, said Richard Clarke, national coordinator for security, infrastructure protection and counterterrorism at the National Security Council. But already, several policies are under development at the NSC in the PDD 63 arena that could affect security practices across government. Those policies could include physically removing the most critical federal systems from public access on the Internet to provide the best possible protection, he said.

Obtaining and retaining trained and experienced professionals for critical infrastructure protection is a challenge for agencies. They can rely on industry for some of that expertise, "but there must be a core...that are capable, literate in [information technology] security and able to manage the outsourcing," Clarke said.

Attempts to remedy that problem started this fall when the first set of students entered the Scholarship for Service program, an initiative set up under Clinton's National Plan for Information Systems Protection. In the program, students in the information security field receive full scholarships in return for at least two years of service in the federal government.

The NSC is also considering requiring a basic level of security in all IT products bought by the government, Clarke said. In the 1980s, the Defense Department developed the Trusted Computer System Evaluation Criteria, better known as the Orange Book, to set procurement standards. Not many organizations followed the standards because few products went through the evaluation, but that does not mean procurement standards are a bad idea, Clarke said.

"We need to look again, not give up on the notion of the federal government leading the market just because it didn't work in the past," Clarke said.


  • Cybersecurity
    CISA chief Chris Krebs disusses the future of the agency at Auburn University Aug. 22 2019

    Shared services and the future of CISA

    Chris Krebs, the head of the Cybersecurity and Infrastructure Security Agency at DHS, said that many federal agencies will be outsourcing cyber to a shared service provider in the future.

  • Telecom
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA softens line on looming EIS due date

    Think of the September deadline for agencies to award contracts under the General Services Administration's $50-billion telecommunications contract as a "yellow light," said GSA's telecom services director.

  • Defense
    Shutterstock photo id 669226093 By Gorodenkoff

    IC looks to stand up a new enterprise IT program office

    The intelligence community wants to stand up a new program executive office to help develop new IT capabilities.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.