Still a way to go
- By Thomas Burke
- Dec 02, 2001
The recent creation of national defense and homeland security posts, including the appointment of Richard Clarke as the president's special adviser for cyberspace security, are prudent, long-overdue measures necessary to protect our way of life.
Attorney General John Ashcroft has added information technology infrastructure to the short list of potential terrorist targets in the United States — and with good reason. Computers control our electricity, route our communications, print our paychecks and maintain our medical records. They operate our air traffic control systems, process Social Security checks and house sensitive government information. Computer networks are the lifeblood of the financial markets and the means by which our military forces and their equipment are deployed.
It's all so seamless that most of us never seriously consider the potential ramifications of those systems being seriously damaged or destroyed. But the fact is these systems are vulnerable in times of peace, to say nothing of war. Are we doing enough to protect them and reduce the risks?
Much has already been accomplished. As a former federal executive with more than 30 years of experience in information security, I've witnessed firsthand many efforts to enact legislation, create committees and appoint competent leadership to protect our vital information systems. The momentum behind the recent presidential appointments began many months and, in some cases, years ago. We've been moving in the right direction. We just haven't moved far enough.
Hackers have been attacking Defense Department and NASA systems for years. There's mounting proof that other countries train people to use cyberattacks in conjunction with or instead of conventional weapons.
So will these new leaders and the elevated status of cyberspace security protect us?
Yes, and no.
Yes, we've taken a huge step forward. Our government has placed information security center stage and put the people and resources in place to usher in landmark changes. I have worked closely with Clarke and believe that he has the experience and dedication to lead the nation's cybersecurity efforts.
But now we must see a commitment from government agencies — federal, state and local — as well as private companies. Ashcroft has asked all of us to examine our systems and security procedures. Once this is done, we need to act, both by investing in information security and enforcing policies and procedures. Success requires that industry and government work together to an extent that we never thought possible.
Yesterday's cybercriminal wreaked a fair amount of financial havoc. Today's terrorist has set the bar higher. Only through concerted, coordinated action will we avoid an electronic equivalent of the Sept. 11 attacks on our way of life.
Burke is director of information assurance and critical infrastructure protection for Computer Sciences Corp. Prior to joining CSC, he was the General Services Administration's assistant commissioner for information security in the Federal Technology Service.