White House cyber chief pushes Internet operations center

The White House's cybersecurity specialist on Tuesday lobbied technologists attending a conference to support his recommendation that the private sector and federal government create an "Internet operations center" to constantly monitor the Internet for attacks.

Speaking at a conference sponsored by the Internet security company Symantec, Richard Clarke, head of the White House Office of Cyberspace Security, said the federal government should take a greater role in updating and securing Internet protocols. He asked attendees to send their reactions and comments about both ideas, as well as the draft cybersecurity strategy released last month, to the White House.

Clarke said comments regarding the national strategy would be summarized and made public after the Nov. 18 submission deadline. Because of the White House privacy policy, however, commenters' identities will remain anonymous. In the weeks following the release of the strategy, several privacy groups expressed concern that the government would not release the comments.

Clarke said he envisions an Internet operations center where 15 to 20 of the nation's largest Internet service providers (ISPs) and router and security companies would provide constant data on the state of the Internet. The government would not run the center, but it would receive some government funding, he said. A university or national laboratory could host the center, he said.

"Nowhere is there a synaptic view of the Internet. ... Nowhere can you go to get a real-time look at ... whether there is a virus spreading or a huge denial-of-service attack," Clarke said. "There needs to be some place for that, not in the government, though we might help put it together and pay for it ... but a place for that synaptic view to know if we are under attack."

Clarke said ISPs and telecommunications companies approached him with the idea of a monitoring center, leading him to believe that the private sector would participate. Clarke said he hopes to include the center in the final strategy and recommend that Congress fund it. He said the cost is not likely to be large, though he declined to elaborate.

On Internet protocols, Clarke said the government could participate in Internet Engineering Task Force (IETF) meetings and fund IETF test beds as they develop more secure protocols. There is an IETF security group focused on the issue, he said, "but often it takes a long time for the IETF to test those protocols because of lack of test beds," which the government could help foster.

Clarke reiterated that the government should not regulate cybersecurity and that market forces would result in companies and individuals doing more to protect their computer networks. He also rejected the idea that the government could offer tax incentives to companies that implement cybersecurity plans. He said that would mean less money in the treasury, and there is no way to target how money from the tax incentive would be spent.

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
FROM OUR SPONSORS
JOIN THE DISCUSSION
Close [ x ] More from GovExec
 
 

Thank you for subscribing to newsletters from GovExec.com.
We think these reports might interest you:

  • Sponsored by G Suite

    Cross-Agency Teamwork, Anytime and Anywhere

    Dan McCrae, director of IT service delivery division, National Oceanic and Atmospheric Administration (NOAA)

    Download
  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

    Download
  • Sponsored by One Identity

    One Nation Under Guard: Securing User Identities Across State and Local Government

    In 2016, the government can expect even more sophisticated threats on the horizon, making it all the more imperative that agencies enforce proper identity and access management (IAM) practices. In order to better measure the current state of IAM at the state and local level, Government Business Council (GBC) conducted an in-depth research study of state and local employees.

    Download
  • Sponsored by Aquilent

    The Next Federal Evolution of Cloud

    This GBC report explains the evolution of cloud computing in federal government, and provides an outlook for the future of the cloud in government IT.

    Download
  • Sponsored by LTC Partners, administrators of the Federal Long Term Care Insurance Program

    Approaching the Brink of Federal Retirement

    Approximately 10,000 baby boomers are reaching retirement age per day, and a growing number of federal employees are preparing themselves for the next chapter of their lives. Learn how to tackle the challenges that today's workforce faces in laying the groundwork for a smooth and secure retirement.

    Download
  • Sponsored by Hewlett Packard Enterprise

    Cyber Defense 101: Arming the Next Generation of Government Employees

    Read this issue brief to learn about the sector's most potent challenges in the new cyber landscape and how government organizations are building a robust, threat-aware infrastructure

    Download
  • Sponsored by Aquilent

    GBC Issue Brief: Cultivating Digital Services in the Federal Landscape

    Read this GBC issue brief to learn more about the current state of digital services in the government, and how key players are pushing enhancements towards a user-centric approach.

    Download

When you download a report, your information may be shared with the underwriters of that document.