Feds urge business execs to focus on cybersecurity

Recognizing that the federal government has little control over the nation's public and private computer networks, Clinton administration officials are encouraging business executives to take information security more seriously.

"We can cajole the private sector into doing the right thing, or you can scare them into doing the right thing," White House Chief of Staff John Podesta told a conference of the Institute of Internal Audits held Tuesday in the Old Executive Office Building.

Because of society's increasing dependence on computer networks, "this is the first time that government alone can't protect the nation's infrastructure," said Commerce Secretary William Daley.

Richard Clarke, national coordinator for security, infrastructure assurance and counter-terrorism, compared the challenge of securing computer networks to the Year 2000 computer conversion. References to Y2K surfaced repeatedly during the conference on critical infrastructure assurance, and in the way that the threat of computer glitches mobilized the CEOs of Fortune 500 companies to seriously address information technology problems.

But Stephen Malphrus, staff director for management of the Federal Reserve Board, argued that unlike the Y2K threat, "a major attack could come tomorrow, or even later today."

Treasury Secretary Lawrence Summers trumpeted his agency's role in creating the first Information Sharing and Advisory Council for the financial services industry.

"This is going to be a critical business issues in the future. I have no doubt that 10 years from now, this will be an integral practice of all businesses," he said. "The only question is whether it will happen in a smooth way, or whether we will have four to five spectacular failures along the way."

Malphrus challenged information technology businesses to develop more bug-free software. "Think of the number and the cost of fixes" that businesses and government agencies must constantly use to upgrade their security software, he said. "Vendors must do more to build these fixes in as part of their quality control."