TOPICS
TOPICS
Computer security threats go beyond Y2K
While year 2000 remediation efforts could make the government and corporations more vulnerable to attacks on their technology infrastructures, computer security risks will stretch beyond the 2000 date change, a panel of IT experts told House lawmakers Wednesday.
The House Y2K Working Group, headed by Reps. Steve Horn, R-CA, and Connie Morella, R-MD, based their fears of Y2K-related computer security threats on a Gartner Group study that predicts that by 2004 there will be at least one reported loss of $1 billion or more related to Y2K repair efforts.
"While the vast majority of these contractors are honest and trustworthy people, even a few unscrupulous operators could create significant problems," Horn said.
Wayne Bennett, a Boston attorney who focuses on technology issues, said that companies have faced computer security risks ever since they installed the machines, and that the Y2K issue has actually illustrated the vulnerability of the technology infrastructure.
"In fact, such a fraud at some point is inevitable," he said. "But is it more likely now? I doubt it."
Harris Miller, president of the Information Technology Association of America (ITAA), urged lawmakers to continue funding the Critical Information Infrastructure Assurance Program (CIIAP) office at the Commerce Department's National Telecommunications Information Administration, to help government and private industry address computer security concerns.
The House Appropriations Committee, citing a lack of funds for new programs, zeroed out proposed spending for next year for the Federal Intrusion Detection Network (FIDNET), a computer security program drafted by the National Security Council that has raised privacy concerns by civil liberties groups. The CIIAP office is part of a network of government agencies developing a security strategy.
ITAA heads an industry panel - which also includes the U.S. Telephone Association and the Telecommunications Industry Association - that is working with Commerce to develop methods to protect the country's technology infrastructure.
Miller said industry groups are more comfortable working with Commerce than other law enforcement agencies like the FBI.
"A well prepared and informed private sector can work with government to find the proper balance which optimizes the government's need to protect the critical infrastructure with business' need to manage risks appropriately," Miller said.
RELATED STORY:
Feds draw lessons on computer security from Y2K
(July 30)
For more information on how the federal government is managing the Year 2000 problem, see GovExec.com's Y2K Manager's Toolbox.
Post a Comment
To post a comment, you must provide a name and a valid e-mail address. Messages must be limited to 400 words. By using this Service you agree not to post material that is obscene, harassing, defamatory, or otherwise objectionable. Although Government Executive does not monitor comments posted to this site (and has no obligation to), it reserves the right to delete, edit, or move any material that it deems to be in violation of this rule.