A cybersecurity advocacy group has called on US President George Bush to focus more resources on computer issues and elevate the top IT security position at the US Department of Homeland Security (DHS) to the assistant secretary level.
Among the Cyber Security Industry Alliance’s (CSIA) 12 recommendations to the White House was that the Senate ratify of the EC Convention on Cybercrime, and the assignment of a federal agency to track the costs of cyber attacks.
The Bush Administration's cybersecurity strategy, released in February 2003, calls for the US government to encourage other nations to approve the Convention on Cybercrime, but it doesn't call on the US Senate to ratify the convention.
A White House spokesman didn't immediately return a phone call seeking comment on the CSIA recommendations.
The CSIA also called on the US government to increase research and development funding for cybersecurity, to form a task force to develop actions that will secure digital control systems used by utilities, and to establish and test an emergency coordination network that would function in the case of a large cyber attack.
Such a network wouldn't have to be a "hundred billion dollar" project, but could start with efforts as simple as tabletop scenario response exercises.
"Bottom line here is, we do not have established means, protocols, procedures in place if we have large-scale disruption on our Internet," a CSIA spokesperson said. "What happens if the internet drops out below us? We haven't really thought those issues through as a country."
CSIA and other tech groups have pushed for an assistant secretary for cybersecurity position in the Department of Home Security even before Amit Yoran, former director of cybersecurity at DHS, resigned in September, reportedly because of a lack of focus on cybersecurity in the department. Yoran attended a CSIA press conference in Washington, DC, where the organisation unveiled its cybersecurity recommendations.
A position paper on CSIA's cybersecurity recommendations is available at https://www.csialliance.org/resources/pdfs/Agenda_for_Next_Admin_FINAL.pdf.
CSIA’s members include Computer Associates International, Entrust, Juniper Networks, McAfee and Symantec.