Council offers vision for infosec standards

National Strategy to Secure Cyberspace

President Bush's private-sector infrastructure protection advisory council agreed Jan. 8 that the federal government should use industry-developed security standards, but should also be willing to use its heft to drive those standards toward interoperability.

The National Infrastructure Advisory Council's recommendations will go to the president later this month along with a revised National Strategy to Secure Cyberspace, said Richard Clarke, chairman of the President's Critical Infrastructure Protection Board.

Most of the council's recommendations had been finalized prior to the Jan. 8 meeting, but it took members — including the president and chief executive officers of Cisco Systems Inc. and Information Security Systems Inc. — some time to find just the right language to state their vision of the government's role in setting information security standards.

Their final recommendation is that the federal government should encourage the development and use of open standards in the market instead of dictating specific standards. But federal officials should also use the government's significant buying power to push for interoperability in those market standards and solutions that will raise the baseline of security across all sectors.

This falls in line with the approach taken by the Bush administration in its draft cybersecurity strategy, which the White House released in September 2002 for comment. Many criticized the draft as being too soft on industry and lacking significant milestones. Revisions proposed by Clarke's office include setting specific priorities, such as taking a closer look at the Common Criteria security product certification program.

Later this month, the council plans to meet again to look at other infrastructure protection issues, including the international migration to Version 6 of the Internet Protocol and developing a systematic vulnerability assessment program for private-sector infrastructure.

Featured

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    OPM nominee plans focus on telework, IT, retirement

    Kiran Ahuja, a veteran of the Office of Personnel Management, told lawmakers that she thinks that the lack of consistent leadership in the top position at OPM has taken a toll on the ability of the agency to complete longer term IT modernization projects.

  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

Stay Connected