While year 2000 remediation efforts could make the government and corporations more vulnerable to attacks on their technology infrastructures, computer security risks will stretch beyond the 2000 date change, a panel of IT experts told House lawmakers Wednesday.
The House Y2K Working Group, headed by Reps. Steve Horn, R-CA, and Connie Morella, R-MD, based their fears of Y2K-related computer security threats on a Gartner Group study that predicts that by 2004 there will be at least one reported loss of $1 billion or more related to Y2K repair efforts.
"While the vast majority of these contractors are honest and trustworthy people, even a few unscrupulous operators could create significant problems," Horn said.
Wayne Bennett, a Boston attorney who focuses on technology issues, said that companies have faced computer security risks ever since they installed the machines, and that the Y2K issue has actually illustrated the vulnerability of the technology infrastructure.
"In fact, such a fraud at some point is inevitable," he said. "But is it more likely now? I doubt it."
Harris Miller, president of the Information Technology Association of America (ITAA), urged lawmakers to continue funding the Critical Information Infrastructure Assurance Program (CIIAP) office at the Commerce Department's National Telecommunications Information Administration, to help government and private industry address computer security concerns.
The House Appropriations Committee, citing a lack of funds for new programs, zeroed out proposed spending for next year for the Federal Intrusion Detection Network (FIDNET), a computer security program drafted by the National Security Council that has raised privacy concerns by civil liberties groups. The CIIAP office is part of a network of government agencies developing a security strategy.
ITAA heads an industry panel-which also includes the U.S. Telephone Association and the Telecommunications Industry Association-that is working with Commerce to develop methods to protect the country's technology infrastructure.
Miller said industry groups are more comfortable working with Commerce than other law enforcement agencies like the FBI.
"A well prepared and informed private sector can work with government to find the proper balance which optimizes the government's need to protect the critical infrastructure with business' need to manage risks appropriately," Miller said.
NEXT STORY: Senate panel passes federalism bill