• United States



National Strategy to Secure Cyberspace: A Call to Inaction

Apr 01, 20032 mins
Critical InfrastructureData and Information Security

In February, President Bush released his much anticipated National Strategy to Secure Cyberspace. The report contains dire warnings about the threat posed by cyberterrorism, but Bush’s National Strategy has a hands-off approach, essentially asking the private sector to police and solve its own security problems.

“In general, the private sector is best equipped and structured to respond to an evolving cyberthreat,” the report states. “A federal role is only justified when the benefits of intervention outweigh the associated costs.” However, the Bush administration did confess that the government needs to get its own IT house in order.

One of the challenges facing the Bush plan is the government’s well-documented inability to adequately manage its IT resources. (See “Liability Limits,” Wonk, February 2003.) In December, a General Accounting Office report reiterated many of the same charges in light of the new focus on domestic security. The report identified $2.9 billion in IT funding for homeland security but found that many of the agencies slated to receive the most funding were still struggling to resolve significant IT management issues.

Without properly addressing those issues, including a GAO request for agencies to develop better blueprints to guide IT purchasing and manage IT investments, the government’s efforts to secure cyberspaceincluding those in the new Department of Homeland Securitycould fall victim to lingering information security problems.