Ridge: Cybersecurity at 'heart' of department's work
Homeland Security Secretary Tom Ridge said on Thursday that his department will work as hard to address threats to the Internet as it does to address physical threats.
"We will not distinguish between physical and cyber in this new unit," Ridge told the House Homeland Security Appropriations Subcommittee in a hearing on the fiscal 2004 budget. "We will pay as much attention to the Internet as we do physical."
Ridge said that he understands a cyber attack could affect every aspect of the U.S. economy and government and that preventing such an attack is "at the very heart" of his department's duties. He also said that since last month, the department has been "actively engaged" in talks about the nation's cyber infrastructure with the private sector and other groups "because they have their own list of what the vulnerabilities are."
Much rests on the vulnerability assessments being done on critical infrastructures, he said. Resources will go to the areas assessed at the highest risk.
Ridge also said that in the department's first research and development priority is to create a process for certifying new technologies. "We have been inundated with hundreds and hundreds of technologies," he said, noting that he also has attended tech fairs.
The department is studying existing technologies at national laboratories, in the private sector and elsewhere to "see what's out there," test the products and, if they work, deploy them to those who need them, he said. A high priority in the near term is detection equipment for biological, chemical and other types of threats, he said.
Ridge said the department also has to set technical standards for security technologies to ensure that products are compatible with each other.
He countered lawmakers' criticism of the fiscal 2004 budget request for state and local emergency responders. Members also cited concerns about the money proposed for immigration, customs and port issues.
On another front, Ridge vowed to give the privacy and the civil liberties officers for his department an "integral part in the policy process in my office." And he stressed that the department will have an independent information-analysis center.
Department staff at the new Terrorist Threat Integration Center (TTIC), along with the other members of the intelligence community, will receive first reports of terrorist threats, Ridge said, and his analysts will assess the threats to critical infrastructure and distribute appropriate information to state and local authorities.
Ridge said 10 or 11 units in the department will gather information, as well as receive information from, and provide it to, the TTIC. "We will be a consumer, but we will also be a producer," he said.
Ridge said the department's chief information officer is developing plans for a technology framework that would enable Homeland Security to share information both within and outside the department. A strategic plan to let the department's various agencies access terrorist watch lists also is being prepared, he said.