Search FCW

Advanced Search
Subscribe Now!
Table of Contents
Sprint
Business
BPM
CXOs
Columns
Columnists
Defense
E-Government
Elections 2008
Enterprise Architecture
Funding
Homeland Security
Health IT
IPv6
LOB
Management
Procurement
Privacy
Policy
Program Management
State and Local
Security
Technology
Telework
Training and Certification
Workforce

More Topics
resourcecenter
Home
Letters to the Editor
Current Issue/Download
Print/Online Archives
Editorial Calendar
researchstore
resourcecenter
Communications for Continuity Operations

Oracle Resource Center
NEW! Transforming Data Center
Managed Services
Service Oriented Architecture
Training & Simulation
Networking Communications
Security Directives and Compliance
Data Center Virtualization
Air Force ELSG Contract Guide

More >>



Latest News
ADVERTISEMENT




 

The best-laid plan?

Experts debate whether the National Strategy to Secure Cyberspace is still relevant — if it ever was

By FCW Staff
Published on June 12, 2006

Comment

Click here to comment on this article

Related story links

Lights out

Preventive measures

Newsletters

You might also be interested in these FCW newsletters:

Daily

To learn more, click here.

Propped on the shelves of many government and industry information technology security offices is a dated, 76-page glossy document titled “The National Strategy to Secure Cyberspace,” perhaps the only tangible evidence that the Bush administration ever set out to spearhead a public/private cybersecurity strategy. Three years after the NSSC’s debut, a simple question lingers: Is federal cybersecurity leadership dead or alive?

Unlike the question, answers are not so simple. The NSSC’s relevance seems to be in the eye of the beholder. Many observers argue that the NSSC’s broad wording and distinctive policy flavor yield guidance that holds true today.

Others cite its general approach to cybersecurity policy as the NSSC’s major downfall. The document merely outlines objectives, such as the need to strengthen law enforcement’s role in combating cyberattacks and the importance of reducing commercial software vulnerabilities.

Critics add that the strategy was never more than a public relations move that was long ago forgotten and is now in need of replacement. Most call for action-oriented plans to batten down major security weaknesses and rally agencies, industry and the public around dire cybersecurity concerns.

But the Homeland Security Department has no intention of revisiting the document. “There are no plans to update the strategy,” said Andy Purdy, acting director of DHS’ National Cyber Security Division. “DHS continues to use the strategy as a guiding framework for its cybersecurity preparedness and response efforts. NCSD’s strategic plan addresses elements iterated in the strategy.”

Purdy also underscored the value of the strategy’s generalized wording. “The national strategy strikes the right balance between overarching priorities and specific implementation strategies,” he said.

Although the NSSC emerged from the Bush administration as high-level policy, the authors wanted to produce a document laden with specifics. Politically appointed officials killed those plans, said Marcus Sachs, one of the NSSC’s drafters. He was with SRI International at the time but is now director of DHS’ Cyber Security Research and Development Center, which SRI manages.



upcoming event

Green Computing Summit, Ronald Reagan Building, Washington, DC
December 2 - December 3, 2008

Trusted Internet Connection and the Comprehensive National Cyber Security Initiative, The Willard Intercontinental Hotel, Washington, DC
December 4, 2008


 

head
fcw
issue
First Name State
Last Name Zip
Title Email
     

Home | About | Contact | Customer Help | Privacy Policy | Editorial Info | Advertise | Link policy / Reprints | Site Map


1105 Media, Inc.

© 1996-2008 1105 Media, Inc. All Rights Reserved.