         |
PROTECTING CYBER SECURITY
"As we approach the 21st century, our foes have extended the fields
of battle - from physical space to cyberspace... Rather than invading our
beaches or launching bombers, these adversaries may attempt cyber attacks
against our critical military systems and our economic base... If our children
are to grow up safe and free, we must approach these new 21st century threats
with the same rigor and determination we applied to the toughest security
challenge of this century."
President Clinton
US Naval Academy
Annapolis, MD
May 22, 1998
The United States benefits from the most robust and aggressive information technology
infrastructure in the world. This same information technology infrastructure
makes us particularly vulnerable to cyber attack. The most vital sectors of
our economy - power generation, telecommunications, banking and finance, transportation
and emergency services - are potentially susceptible to disruptions from hackers,
terrorists, criminals or governments. President Clinton has increased funding
on critical infrastructure protection by more then 50% since 1998 and has also
developed and funded new initiatives to defend the country's computer systems
and critical infrastructures from cyber attack.
A RECORD OF ACCOMPLISHMENT
- Proposed a Fiscal Year 2001 budget which allocates $2.01 billion to defend
against this emerging threat, up by over $250 million from the actual FY 2000
budget, and double the FY 1998 budget. It also provided funding for numerous
initiatives which are designed to make the government a model of information
security and which are described below.
- Increased overall requests for research and development funding for critical
infrastructure by 32 percent since FY 2000. These efforts are intended to
safeguard key computer systems, with a focus on developing tools that can
identify potentially threatening activities within computer networks or computer
code installed to disrupt a computer system. This also included a $50 million
request to fund an Institute for Information Infrastructure Protection to
better organize and coordinate federal and private sector computer security
research and development efforts.
- Developed an implemented the Joint Task Force - Computer Network Defense.
This Department of Defense system ensures that when one computer system is
attacked, others in the network will be instantly informed of the source of
the intrusion, the mode of attack, and recommended ways to stop it. The FY
2001 budget includes $8 million for a similar system, the Federal Intrusion
Detection Network (FIDNET) for the non-DOD federal agencies. The centralized
systems will serve as a "computer burglar alarm" for federal systems
and they will serve as a mechanism to set readiness levels, provide best defense
advisories and push down patches for known computer software flaws.
- Built a partnership with private industry to establish Information Sharing
and Analysis Centers (ISACs) in order to foster the development of uniform
practices and standards to protect against computer attack, encourage the
sharing of vulnerability analysis and provide outreach and training programs
within private industry. ISACs exist in four key sectors: banking and finance
,telecommunications, electric power, and information technologies. ISACs for
the transportation and oil and gas sectors, and cross-sectoral communities
are being developed.
- Provided $11 million in the FY 2001 budget to launch the 'Scholarship for
Service' program. This program will pay college student tuition, stipends
and provide summer employment for over 150 IT students in each class, in return
for government service. The Centers for IT Excellence (CITE) program will
establish a baseline for federal IT training curriculum, identify suitable
training locations and administer certification programs. This initiative
also provided funding for an IT occupational study by the Office of Personnel
Management, an information security awareness program for all Federal employees
and a computer ethics curriculum development program for secondary schools.
- Kicked off the National Partnership for Critical Infrastructure Security
in December 1999, with more then 80 major companies signed on as charter members.
Commerce Secretary William Daley represented the President and opened a dialogue
with the private sector to improve the security and reliability of our national
infrastructures. The Partnership now includes 230 companies and is preparing
its contribution for the next version of the National Plan.
- Formed the National Information Protection Center, an interagency group,
which serves as all-source intelligence, warning and law enforcement center
for federal information system operations.
- Formed the National Infrastructure Assurance Council, a Presidential advisory
board composed of infrastructure and IT company CEOs, privacy experts, academics
and former government officials. This Council will provide the President with
advice and recommendations on how to build the public-private partnership
to protect our national critical infrastructures and how to make the government
a model of information security.
- Formed the Expert Review Team to assist in the development of and assess
all federal agency critical infrastructure plans. These plans are the first
steps in organizing agency CIP efforts and allow for effective vulnerability
assessments. The FY 2001 budget provides for $3 million to permanently place
this team at the National Institute of Standards and Technology (NIST).
TIMELINE OF ACCOMPLISHMENT
|
December 2000
|
White House Conference on Improving the Effectiveness of
Public and Private Initiatives to Combat Computer Viruses. |
December 2000
|
President announces the Scholarship for Service Program in
his December 8 speech in Nebraska. |
October 2000
|
White House Meeting with Presidents of Universities designated
as Centers of Excellence. |
September 2000
|
White House Conference on Improving Security of Business
to Business Network Security. |
September 2000
|
White House Conference on Information Security. |
September 2000
|
The Critical Infrastructure Assurance Office and the National
Coordinator for Security, Infrastructure Protection, and Counter-Terrorism
conclude Series of Five Regional Summit Meetings with the Institute for
Internal Auditors on Information Security. |
June 2000
|
White House Conference on Information Systems "Liability,
Security and Privacy, Legal and Policy Issues." |
May 2000
|
National Colloquium on Information Systems Security
Education in Washington, D.C. |
February 2000
|
President Clinton meets with leaders of the IT and Internet
industries on Improving Internet Security. |
January 2000
|
President Clinton issues first-ever "National Plan for Information
Systems Protection," laying out the national agenda by both government
and industry for protecting America's cyber-systems from deliberate attack.
|
| October 1999
|
Designation of USSPACECOM as lead agent for Computer Network
Defense for the Department of Defense. |
July 1999
|
President Clinton signs an Executive Order Establishing the
National Infrastructure Assurance Council. |
January 1999
|
President Clinton delivers a speech at the National Academy
of Sciences calling for increased FY 2000 investment in cyber-security programs.
|
May 1998
|
The President delivers the Commencement Address at the United
States Naval Academy announcing the signing of PDD-63, and calling for a
national strategy to protect America's critical infrastructures, particularly
its cyber-systems. |
May 1998
|
President Clinton signs PDD-63, calling for a National Plan
to protect America's critical infrastructures, especially cyber systems,
from deliberate attack and disruption. |
May 1998
|
President Clinton signs PDD-62, creating the position of
National Coordinator for Security, Critical Infrastructure, and Counter
Terrorism in the National Security Council, charging the National Coordinator
with coordinating Federal and private sector efforts to counter emerging
threats to the Nation. |
July 1996
|
Establishment of President's Commission on Critical Infrastructure
Protection.
|
REFERENCES
- Remarks by the President in Meeting with Leaders of High-Tech Industry
and Computer Security Experts, February 15, 2000.
- Fact Sheet: "Strengthening Computer Security through Public-Private
Partnership." February 15, 2000.
- "National Plan for Information Systems Protection," January 2000.
- Executive Order, "National Infrastructure Assurance Council,"
July 14, 1999.
- Remarks by the President at the National Academy of Sciences, January 22,
1999.
- Remarks by the President on Keeping America Secure for the 21st Century,
January 22, 1999.
- Remarks by the President at USNA Commencement, May 22, 1998.
- Presidential Decision Directive 63, "Protecting our Critical Infrastructures,"
May 1998.
- "Critical Foundations: Protecting America's Infrastructures,"
The Report of the President's Commission on Critical Infrastructure Protection,
October 1997.
- Executive Order 13010, "Establishment of President's Commission on
Critical Infrastructure Protection," July 1996.
President and First Lady | Vice President and Mrs. Gore
Record of Progress | The Briefing Room
Gateway to Government | Contacting the White House
White House for Kids | White House History
White House Tours | Help | Text Only Privacy Statement |
