Science Dems: Much Work Still to Be Done to Construct Secure, Reliable Cyber-Infrastructure
A full Committee hearing of the U.S. House Committee on Science today examined the current state of our country’s cyber-infrastructure.
"Today's hearing had two important purposes," said Ranking Member Rep. Bart Gordon (D-TN). "To assess progress in improving the security of computer systems on which critical industries rely and to explore why progress has been so slow."
Witnesses from the Department of Homeland Security and private industry briefed Committee Members on the critical infrastructure sectors of the U.S. and how each depends on secure information systems to work effectively. Also explored were actions that must be taken to secure these systems, the respective roles of the federal government and private sector and further research needed to mitigate existing and emerging threats and vulnerabilities.
"A real solution for a secure cyber-infrastructure is not one of patches and fixes - recent events make all too clear that inadequate recovery plans, either by design or execution, have dire consequences for the health and well being of our citizens. Inaction can be an enemy just as lethal as terrorists," added Rep. Gordon.
A presidential directive from the Clinton Administration - PDD 63 - instituted policies and established new organizations to improve the nation’s ability to detect and respond to cyber attacks, including mechanisms to improve communication between the public and private sectors regarding cyber security matters. Subsequently, the new Department of Homeland Security (DHS) was charged to be the government’s focal point for cyber security.
Yet, in a report released this summer, GAO found that the DHS has not yet developed national cyber threat and vulnerability assessments or government/industry contingency recovery plans for cyber security. "This is simply not good enough,” said Rep. Gordon. “Further delay is not acceptable. The department needs to follow through with plans to elevate the head of cyber security to the assistant secretary level and establish strong partnerships with the private sector, which owns and operates the infrastructure."
Mr. Donald "Andy" Purdy, Acting Director of DHS's National Cyber Security Division, stated in his testimony that the department is "committed to achieving success in meeting our goals and objectives, but we cannot do it alone. We will continue to meet with industry representatives, our government counterparts, academia, and state representatives to formulate the partnerships needed for productive collaboration and leverage the efforts of all, so we, as a nation, are more secure in cyberspace and in our critical infrastructures."
The need for such work was underscored by Mr. John S. Leggate, Chief Information Officer & Group Vice President Digital and Communications Technology, BP Plc. "Given this fundamental dependency on its continuous availability, the public Internet must be better protected, managed and controlled. In the longer term, the U.S. should take a leadership role in creating the next generation Global Internet."
"Computer system vulnerabilities persist worldwide, and the initiators of random cyber attacks that plague the Internet remain largely unknown," concluded Rep. Gordon. "We know that many international terrorist groups now actively use computers and the Internet to communicate, and they're clearly capable of developing or acquiring the technical skills to direct a coordinated attack against networked computers in the U.S. The disruptions and economic damages that could result from a successful cyber attack to one or more of our critical infrastructures could be substantial."
Next Article Previous Article