PROTECTING CYBER SECURITY

This is historical material, "frozen in time."
The web site is no longer updated and links to external web sites and some internal pages will not work.

PROTECTING CYBER SECURITY

"As we approach the 21st century, our foes have extended the fields of battle - from physical space to cyberspace... Rather than invading our beaches or launching bombers, these adversaries may attempt cyber attacks against our critical military systems and our economic base... If our children are to grow up safe and free, we must approach these new 21st century threats with the same rigor and determination we applied to the toughest security challenge of this century."

President Clinton
US Naval Academy
Annapolis, MD
May 22, 1998

The United States benefits from the most robust and aggressive information technology infrastructure in the world. This same information technology infrastructure makes us particularly vulnerable to cyber attack. The most vital sectors of our economy - power generation, telecommunications, banking and finance, transportation and emergency services - are potentially susceptible to disruptions from hackers, terrorists, criminals or governments. President Clinton has increased funding on critical infrastructure protection by more then 50% since 1998 and has also developed and funded new initiatives to defend the country's computer systems and critical infrastructures from cyber attack.

A RECORD OF ACCOMPLISHMENT

Proposed a Fiscal Year 2001 budget which allocates $2.01 billion to defend against this emerging threat, up by over $250 million from the actual FY 2000 budget, and double the FY 1998 budget. It also provided funding for numerous initiatives which are designed to make the government a model of information security and which are described below.

Increased overall requests for research and development funding for critical infrastructure by 32 percent since FY 2000. These efforts are intended to safeguard key computer systems, with a focus on developing tools that can identify potentially threatening activities within computer networks or computer code installed to disrupt a computer system. This also included a $50 million request to fund an Institute for Information Infrastructure Protection to better organize and coordinate federal and private sector computer security research and development efforts.

Developed an implemented the Joint Task Force - Computer Network Defense. This Department of Defense system ensures that when one computer system is attacked, others in the network will be instantly informed of the source of the intrusion, the mode of attack, and recommended ways to stop it. The FY 2001 budget includes $8 million for a similar system, the Federal Intrusion Detection Network (FIDNET) for the non-DOD federal agencies. The centralized systems will serve as a "computer burglar alarm" for federal systems and they will serve as a mechanism to set readiness levels, provide best defense advisories and push down patches for known computer software flaws.

Built a partnership with private industry to establish Information Sharing and Analysis Centers (ISACs) in order to foster the development of uniform practices and standards to protect against computer attack, encourage the sharing of vulnerability analysis and provide outreach and training programs within private industry. ISACs exist in four key sectors: banking and finance ,telecommunications, electric power, and information technologies. ISACs for the transportation and oil and gas sectors, and cross-sectoral communities are being developed.

Provided $11 million in the FY 2001 budget to launch the 'Scholarship for Service' program. This program will pay college student tuition, stipends and provide summer employment for over 150 IT students in each class, in return for government service. The Centers for IT Excellence (CITE) program will establish a baseline for federal IT training curriculum, identify suitable training locations and administer certification programs. This initiative also provided funding for an IT occupational study by the Office of Personnel Management, an information security awareness program for all Federal employees and a computer ethics curriculum development program for secondary schools.

Kicked off the National Partnership for Critical Infrastructure Security in December 1999, with more then 80 major companies signed on as charter members. Commerce Secretary William Daley represented the President and opened a dialogue with the private sector to improve the security and reliability of our national infrastructures. The Partnership now includes 230 companies and is preparing its contribution for the next version of the National Plan.

Formed the National Information Protection Center, an interagency group, which serves as all-source intelligence, warning and law enforcement center for federal information system operations.

Formed the National Infrastructure Assurance Council, a Presidential advisory board composed of infrastructure and IT company CEOs, privacy experts, academics and former government officials. This Council will provide the President with advice and recommendations on how to build the public-private partnership to protect our national critical infrastructures and how to make the government a model of information security.

Formed the Expert Review Team to assist in the development of and assess all federal agency critical infrastructure plans. These plans are the first steps in organizing agency CIP efforts and allow for effective vulnerability assessments. The FY 2001 budget provides for $3 million to permanently place this team at the National Institute of Standards and Technology (NIST).

TIMELINE OF ACCOMPLISHMENT

December 2000	White House Conference on Improving the Effectiveness of Public and Private Initiatives to Combat Computer Viruses.
December 2000	President announces the Scholarship for Service Program in his December 8 speech in Nebraska.
October 2000	White House Meeting with Presidents of Universities designated as Centers of Excellence.
September 2000	White House Conference on Improving Security of Business to Business Network Security.
September 2000	White House Conference on Information Security.
September 2000	The Critical Infrastructure Assurance Office and the National Coordinator for Security, Infrastructure Protection, and Counter-Terrorism conclude Series of Five Regional Summit Meetings with the Institute for Internal Auditors on Information Security.
June 2000	White House Conference on Information Systems "Liability, Security and Privacy, Legal and Policy Issues."
May 2000	National Colloquium on Information Systems Security Education in Washington, D.C.
February 2000	President Clinton meets with leaders of the IT and Internet industries on Improving Internet Security.
January 2000	President Clinton issues first-ever "National Plan for Information Systems Protection," laying out the national agenda by both government and industry for protecting America's cyber-systems from deliberate attack.
October 1999	Designation of USSPACECOM as lead agent for Computer Network Defense for the Department of Defense.
July 1999	President Clinton signs an Executive Order Establishing the National Infrastructure Assurance Council.
January 1999	President Clinton delivers a speech at the National Academy of Sciences calling for increased FY 2000 investment in cyber-security programs.
May 1998	The President delivers the Commencement Address at the United States Naval Academy announcing the signing of PDD-63, and calling for a national strategy to protect America's critical infrastructures, particularly its cyber-systems.
May 1998	President Clinton signs PDD-63, calling for a National Plan to protect America's critical infrastructures, especially cyber systems, from deliberate attack and disruption.
May 1998	President Clinton signs PDD-62, creating the position of National Coordinator for Security, Critical Infrastructure, and Counter Terrorism in the National Security Council, charging the National Coordinator with coordinating Federal and private sector efforts to counter emerging threats to the Nation.
July 1996	Establishment of President's Commission on Critical Infrastructure Protection.

REFERENCES

Remarks by the President in Meeting with Leaders of High-Tech Industry and Computer Security Experts, February 15, 2000.
Fact Sheet: "Strengthening Computer Security through Public-Private Partnership." February 15, 2000.
"National Plan for Information Systems Protection," January 2000.
Executive Order, "National Infrastructure Assurance Council," July 14, 1999.
Remarks by the President at the National Academy of Sciences, January 22, 1999.
Remarks by the President on Keeping America Secure for the 21st Century, January 22, 1999.
Remarks by the President at USNA Commencement, May 22, 1998.
Presidential Decision Directive 63, "Protecting our Critical Infrastructures," May 1998.
"Critical Foundations: Protecting America's Infrastructures," The Report of the President's Commission on Critical Infrastructure Protection, October 1997.
Executive Order 13010, "Establishment of President's Commission on Critical Infrastructure Protection," July 1996.

Help

Site Map

Graphic Version

T H E W H I T E H O U S E