FBI hints at dismantling NIPC

WASHINGTON -- A decision by FBI Director Robert Mueller is expected early next week on a plan to dismantle the FBI's cyberthreat warning arm, the National Infrastructure Protection Center (NIPC), possibly reversing years of progress made toward improving information sharing between the private sector and the government.

Mueller is poised to decide whether to break up the NIPC and transfer pieces of the organization to the bureau's criminal and counterterrorism and counterintelligence divisions.

The FBI wouldn't comment on the plan, which Mueller first outlined in February in private meetings with members of Congress.

Ron Dick, the NIPC's director, said any news of a final decision is speculation. Dick said Mueller "is a strong supporter of the NIPC and has not made a final decision on what will be in the new cybercrime division nor how that will impact the NIPC, if at all."

In a March 19 letter to the FBI director, which was obtained by Computerworld and the Associated Press, Sen. Charles Grassley (R-Iowa), a member of the Judiciary Committee, told Mueller that his plan "would destroy the fragile trust between NIPC and the private sector, which controls 90% of the nation's critical infrastructure," including the telecommunications grid, electric power and financial systems.

"To deepen the association of NIPC with the most powerful law enforcement agency in the nation would only exacerbate the fear the private sector has about sharing critical information necessary for the success of NIPC," Grassley wrote. "Even worse, I have been informed by members of the private sector that many companies and other organizations, including [information-sharing and analysis centers], would immediately cut off the flow of infrastructure information to the FBI if NIPC is dismantled."

Established in February 1998, the NIPC's mission is "to detect, deter, assess and warn" the government and the private sector of significant threats to Internet security.

However, the role of the NIPC remains a contentious issue on Capitol Hill, where the national security community has complained of what it sees as the NIPC's inability to share strategic warning information in a timely manner. Likewise, many companies remain hesitant to share sensitive or proprietary data without assurances that it won't be inadvertently disclosed to competitors.

Phyllis Schneck, a vice president at security consulting firm SecureWorks Inc. and co-chairwoman of the executive board of the FBI's InfraGard program, which currently has more than 3,500 private sector members, said that regardless of any reorganization, "at the top of the priority list for the private sector is continuing to work closely with the NIPC to exchange as much information as possible."

Ken Watson, president of the industry alliance Partnership for Critical Infrastructure Security and director of critical infrastructure protection at Cisco Systems Inc., declined to comment on how the government chooses to organize. However, Watson said "timely information sharing is key to both national security and business success."

In his letter, Grassley urged Mueller not to dismantle the NIPC by burying it deeper within the "heavy-handed management and culture" of the bureau's criminal division. He went so far as to call Mueller's plan "a classic example of FBI jurisdictional encroachment" and an attempt to lay claim "to a crime issue that is high-profile, second only to terrorism, and that many other agencies already handle well."

Related stories:

Copyright © 2002 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon