[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[infowar.de] Ron Dick gibt Update zur Arbeit des NIPC
- Das NIPC hat mehr als 8000 Einrichtungen identifiziert, die kritische
Infrastrukturen in den USA betreiben. Sie wurden in drei Gruppen
eingeteilt, je nach der Reichweite ihrer Wirkungen: international,
regional und lokal.
- Infraguard hat inzwischen mehr als 3000 Mitglieder und wächst mit mehr
als 20 Prozent im Monat.
Predictions, Prevention Key to Cybersecurity
Federal government must work with the private sector to put an end to
cyberthreats, NIPC head says.
Sam Costello, IDG News Service
Monday, February 04, 2002
MASHANTUCKET, CONNECTICUT -- Though communication between the government
and private sector in the area of cybersecurity has been good, the U.S.
National Infrastructure Protection Center has areas in which it can
improve, according to NIPC director Ronald Dick, whose keynote speech
kicked off the CyberCrime 2002 conference here on Sunday.
Dick highlighted the prediction and warning of cyberattacks before they
happen as being one of the main areas where improvement is needed. In
order to be effective, the NIPC, which is the cybersecurity wing of the
Federal Bureau of Investigation, has to be able to provide information
that the private sector can act on, something it is now doing, Dick
"The NIPC has finally reached a level of capabilities that we are
finally providing value-added products and information," he said.
Providing such information to the private sector is crucial, Dick said,
because of how interdependent the nation's critical infrastructure
systems have become.
"Future attacks against our infrastructure could have cascading
effects," he said, noting that the banking systems relies on the smooth
operations of telecommunication systems, which in turn requires a
functioning electrical system.
To that end, the NIPC has identified over 8000 entities that control
critical infrastructure in the U.S. and has grouped them into three
tiers--those with international impact, regional impact, and local
impact, Dick said. Currently, the agency is working with the top tier of
groups to develop contingency plans to use in case of an attack, Dick
said, adding that those plans would later be applied to companies in the
"Infrastructure protection can only be accomplished with the government
and private sectors working together," Dick said.
One tool the NIPC relies on for such public/private sector communication
is Infraguard, a nationwide set of cybersecurity groups in which
government and company officials meet to discuss cybersecurity
challenges. Infraguard has over 3000 members and is growing at 20
percent a month, Dick said, making it "one of the largest
government/private sector joint partnerships for infrastructure
protection in the world."
Though the public/private cooperation has led to success for the NIPC,
the organization is not without its shortcomings, Dick said.
"We've done a pretty good job of being reactive to events," he said, but
the NIPC needs to "provide ... information that actively prevents these
attacks before they occur."
The NIPC has been weak in strategic analysis and needs to build a better
program in the area, he said.
Creating such a program is Dick's number one priority, as well as his
most ambitious one, he said.
The NIPC's strategic analysis program will focus on four areas:
prediction, prevention, detection, and mitigation, Dick said. The goal
of this focus will be to better forecast cybersecurity incidents, he
As part of that effort, the organization is looking at creating a
"cyberweather forecast" tool that those responsible for computer
security could look at daily to see what kinds of cyberthreats are on
the horizon, Dick said.
Despite the steady increase in the number of cyberattacks documented by
the Computer Emergency Response Team Coordination Center, which Dick
cited in his speech, he remains optimistic about U.S. cybersecurity.
"Although cyberattacks are on the rise, so is public awareness," Dick
said. "We will not tire until this job is done."
The CyberCrime 2002 conference runs from February 3 to February 5.
Mail an infowar -
- infopeace -
de mit "unsubscribe" im Text.