December 07, 2000, 1:09 PM —
Representatives from more than a dozen critical infrastructure sectors of the
economy, including telecommunications, transportation and electric power, this week
plan to deliver to the White House a status report on the private sector's progress in
beefing up cybersecurity.
Their findings: Many companies have made significant progress during the past year
to protect their infrastructures from attack, but others still face an uphill battle.
The closely guarded report, produced by members of the National Partnership for
Critical Infrastructure Security, will be used as a basis for the next version of the
Clinton administration's plan outlining how the government and private firms must work
together to bolster cybersecurity. The NPCIS is a joint effort between federal agencies
and the private sector.
Officials said the banking and energy industries remain ahead of many other sectors
in security preparedness. Other sectors, including telecommunications, transportation
and waterways, face difficult challenges stemming from a vast array of factors such as
deregulation and market fluctuations.
Ken Watson, co-chairman of the coordinating committee of the NPCIS acknowledged that
progress hasn't proceeded at the same pace in all sectors.
"I have talked personally to the sector coordinators, and they are all working
feverishly at this," said Watson, who's also manager of critical-infrastructure
protection at Cisco Systems Inc. in San Jose. "There are some sectors that are ahead of
others. However, we accept the challenge that the government has given us to protect
the networks that run our infrastructure."
One indicator of progress is the pending announcement of an Information Sharing and
Analysis Center (ISAC) for the IT community, similar to the ISAC that already exists
for the financial services sector. The ISAC offers a secure database, analytic tools
and other software that allow officials to submit reports about information security
threats, vulnerabilities, incidents and solutions.
Tim Atkins, a member of an NPCIS working group, said the IT sector has been moving
very aggressively. Any perceived slowness is due to a genuine desire by industry to
protect proprietary and sensitive information on behalf of their companies, their
shareholders and their clients, said Atkins, who is director of critical infrastructure
protection at consulting firm SRA International Inc. in Fairfax, Va.
Thomas R. Horton, chairman of the National Association of Corporate Directors and a
participant in several recent critical-infrastructure protection summit meetings, said
corporate concerns regarding shareholder value and increased competition may be getting
in the way of security progress at some banks, airlines and telecommunications