Ads by TechWords

See your link here
Receive the latest technology news and information.
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

Feds Say Ciao to Father of the CIAO

Cybersecurity expert has suggestions for new administration

January 15, 2001 12:00 PM ET

Computerworld - When the Clinton administration leaves office this week, the federal government will say goodbye to one of the national security community's premiere experts on cybersecurity policy.
On Jan. 20, Jeffrey Hunker, the senior director for critical infrastructure protection at the National Security Council, will end a seven-year stint in public service.
What started as a serendipitous move into a senior policy advisory role under Secretary of Commerce Ron Brown in 1993 soon led to an assignment to create a new national security organization that would be at the forefront of the nation's cyberdefenses. In 1998, that organization became known as the Critical Infrastructure Assurance Office (CIAO).
Computerworld's Dan Verton recently sat down with Hunker in his office in the Old Executive Office Building adjacent to the White House. Here's what Hunker had to say about the future of the national effort to protect cyberspace.

Q. What should the Bush administration do differently to make the critical infrastructure protection effort more effective?
A. Part of the challenge is going to be working to educate Congress, ensuring there is budget responsibility and accountability within the executive branch and, equally important, actively working with the insurance and audit industries to integrate the issue of cybersecurity into the corporate risk management framework.
One of the biggest shortcomings in security right now is that there is no commonly accepted set of best practices. One of the things that the federal government should do is adopt a set of defined network security best practices - not just on paper, because there is plenty of guidance. They should then encourage their adoption in the private sector as well. If we do that, it would help jump-start the insurance market as well.
Also, we have virtually no pipeline producing trained cybersecurity experts at this point. Addressing the nationwide shortage of those people needs to be done very close to the top of the next administration.

Q. What have you learned about the government/industry partnership?
A: I'm struck by how new and challenging the issue of cybersecurity is. The government is not organized to deal with a crosscutting issue like this.
Many of the approaches to developing partnerships don't exist, and you have to build them from scratch. I've also learned that it takes a long time to build an operating partnership with the private sector.

Q. What are some of the most significant issues in security that the new administration will face?
A: I look at developing a legal structure as perhaps one of the most important foundationalelements to the future of cybersecurity.
For example, while there are reconstitution authorities that the federal government uses whenever we have an earthquake or a hurricane, there's substantial controversy about whether the federal government in fact has legal authority to provide reconstitution support in the event of a cyberfailure.
Likewise, we don't have a legal structure that can determine how you assign liability for network failures.
We also need to formalize at the highest levels of the government the working partnership between government and corporate executives.
We need to formalize the National Infrastructure Assurance Council and start having meetings between corporate CEOs and the president on this issue. It's time that we bumped it up to a president-and-CEO issue.

Read more about legislation/regulation in Computerworld's Legislation/Regulation Knowledge Center.



Jump to comments

Legislation/Regulation

Additional Resources

EFD vs. HDD - What You Need to Know
WHITE PAPER
Enterprise flash drives provide a new Tier 0 storage layer capable of delivering high I/O performance at a very low latency. Proper use of EFDs in an Oracle environment can deliver increased performance compared to fibre channel drives. Read the recommendations for identification of the best DB components for EFDs.
Gartner Research Report: Magic Quadrant for Application Delivery Controllers, 2009
WHITE PAPER
The market for products to improve the delivery of application software over networks remains dynamic and innovative. Vendors focused on solving enterprises' most-pressing application problems have become the top players.
Eight Criteria for Server Load Balancing
WHITE PAPER
Server load balancers are a simple yet highly effective means to scale an application environment while ensuring its availability. Today's solutions should also address application performance and security. Read about the top eight criteria you should consider when choosing a server load balancer and how Citrix NetScaler meets those requirements.

White Papers & Webcasts

The Workday User Experience Video
Watch Workday's Creative Director, Scott Lietzke, discuss the business-centered design philosophy at Workday.

Business Process Framework Demo
Learn about Configurable Business Processes and Calculated Fields. Watch Now!

Manager Experience Demo
Go beyond self-service solutions to perform more effectively. Watch Now.


IT Jobs