Government, industry debate international IT security center

BRUSSELS, BELGIUM - U.S. and European officials and businesses on Monday debated the merits of a proposal to establish a global center for information technology security based on the center that united them in their fight against the much-anticipated Y2K computer bug.

Harris Miller, president of the Information Technology Association of America, raised the issue here at the U.S.-EU IT Security Forum. "There is still no mechanism globally that allows governments on an instantaneous basis, and industry on an instantaneous basis across industries, to communicate regularly or in the case of a crisis about cyber security," he said in an interview.

Miller said that like the Y2K center, the proposed International Information Security Coordination Center could be a small and inexpensive operation. "The players are in place, but the coordination center is necessary to get all the players on the same page, to get the communications network established," he said.

White House cyberspace adviser Richard Clarke said there is a need for a global system, which "could be a Y2K-style center or something else," so that governments and industries can communicate.

Clarke recalled that when the original Y2K center was proposed, 182 Y2K national-level "czars" were contacted about it, but there was little response. But they joined the effort when the United States sent first-class plane tickets and hotel accommodations to a conference in New York regarding the matter. "So I'm looking into the pricing of airline tickets," he said.

Clarke was to meet with European Information Society Commissioner Erkki Liikanen on Monday. The European Commission soon will announce a cybersecurity task force that will function as a response center. But Detlef Eckert, head of the policy planning unit at Liikanen's directorate, said hope for a global center is "rather minimal" based on the failure of similar efforts at the Group of Eight industrialized countries and by the European Commission in recent years.

FTC Commissioner Orson Swindle was cautiously supportive, saying that ongoing dialogue about cybersecurity would lead to the best solution and warning against permitting such a body to move into regulation. He also suggested watching for unintended consequences.

Miller said coordinating with other countries up front is important. With the Y2K center, he said, "there was the same kind of planting of seeds, getting buy-in, because at the end of the day, the U.S., Europe, Japan and maybe Canada will have to be the driving organizations to fund it and get it moving."

Clarke's support for the idea is essential, but industry likely would look to an economic entity such as the Commerce Department to lead it, Miller said.

Robert Holleyman, president of the Business Software Alliance, said the Y2K-style center "is a good option," adding that it would take extra effort to succeed and that more resources would be needed than were involved in organizing Y2K efforts.

Miller said there is a "growing sense of urgency" about IT security and predicted that the center could be in place in six months to a year.