Clarke: Homeland security revamp to help cybersecurity

Computerworld - RESTON, Va. -- White House cybersecurity chief Richard Clarke said today that a plan to reshuffle the federal government's cybercrime agencies into a new cabinet-level homeland security department will improve federal coordination with the private sector.
"It will concentrate our forces, it will concentrate the skilled staff that we have and will ensure better cooperation and better coordination both within the government and the private sector," said Clarke.
In a proposal outlined by President Bush late last week, the new department would include the FBI's National Infrastructure Protection Center and the U.S. Department of Commerce's Critical Infrastructure Assurance Office. Both agencies work extensively with the private sector.
Clarke, speaking here at the Networked Economy Summit sponsored by George Mason University, also warned that the dangers posed by worms, viruses and system intrusions are as urgent as ever -- and on the rise.
"Digital Pearl Harbors are happening every day, they are happening to companies all across the country," he said. According to Clarke, such cyberincidents cost the economy $15 billion last year.
Clarke and other federal officials have been holding a series of meetings around the country to raise awareness and gather information for a planned national strategy due out by mid-September. That strategy, which is being developed with the help of industries representing critical sectors such as finance, energy and transportation, is intended to map out a plan for improving security protection.
But the government awareness campaign has also been "a little dirty," Clarke told his audience, many of whom work for IT companies in Northern Virginia.
In particular, federal officials have been going to private-sector companies and telling them to pressure vendors to improve security with this message: "Why aren't you using security offerings as a discriminator among the people from whom you buy?"
Clarke said he has also been meeting with insurance companies about writing cybersecurity insurance for firms that meet certain criteria.
A key goal is improving the security of federal agencies, which have frequently been found to be lacking by the congressional watchdog agency, the U.S. General Accounting Office.
In that regard, the Bush administration's proposed budget for next year includes $5 billion in new funding to improve security at federal agencies. Clarke said the private sector won't take the federal government seriously as long as the government itself has problems.
This was good news for the vendors at the conference.
"There is a tremendous opportunity for private-sector involvement in homeland security areas," said Rep. Tom Davis (R-Va.), who predicted "billions of dollars" of new federal IT spending on homeland-related security.
The bulk of this new spending "is not going to new federal employee manpower, but is going to contractors, innovators, information technology companies," said Davis.
The proposed homeland office reorganization won the endorsement of one vendor, Jack London, chairman and CEO of CACI, a Northern Virginia-based IT firm. He said it will allow the government to produce "a single data picture of threats against our homeland."
But one technology effort that "should command early focus" is development of interoperable identification control systems that would allow federal agencies to work with law enforcement, as well as the private sector, to correlate potential terrorist activity and threats.
Virginia's economy relies heavily on the tech sector, which employs about 325,000 people in the state. It's also home to numerous military bases and network hubs that handle Internet traffic.
"Virginia is a target-rich state," said the state's governor, Mark Warner. "Literally, half of the Internet traffic in the world flows through Northern Virginia. A disruption to that traffic could have worldwide implications."