Ridge Releases Cyberdefense, Physical Strategies

Computerworld - Secretary of Homeland Security Tom Ridge on Friday released the final versions of the Bush administration's national strategies to defend critical infrastructures from cyber and physical attack.
As the nation remained at Code Orange -- the second-highest level of alert -- Ridge said the two strategy documents are critical to the future planning of the new U.S. Department of Homeland Security. The "National Strategy to Secure Cyberspace" and the "National Strategy for the Physical Protection of Critical Infrastructures and Key Assets" will help guide governments and businesses in their efforts to defend the country from terrorism, said Ridge.
One of the first priorities of the administration's cyberdefense strategy will be to establish a national cyberspace security response system that will enable the government to coordinate with the private sector on analysis, warning, incident management and recovery efforts stemming from a coordinated cyberattack against the U.S.
Howard Schmidt, acting chairman of the President's Critical Infrastructure Protection Board, said a major thrust of the cyberdefense strategy is to work with the private sector to reduce the nation's vulnerability to attack. In addition, the Homeland Security Department is considering a cybersecurity alert system that would work in conjunction with the overall Homeland Security Alert System.
Noticeably absent from the final version of the national cyberdefense strategy is any mention of regulating the private sector to force improvements in security. While Schmidt said the goal from the very beginning was to build a "partnership," Bob Stephan, special assistant to Secretary Ridge for information analysis, said regulation could be an option for some industries, such as chemical manufacturing, where the threat to public health and safety is particularly acute.

Read more about legislation/regulation in Computerworld's Legislation/Regulation Knowledge Center.