Bush weighs future of computer security office

The Bush administration is reviewing whether to continue the operations of the government office that coordinates critical infrastructure policy, according to the head of the office, which is slated for termination this fall. John Tritak, director of the Critical Infrastructure Assurance Office (CIAO), said in an interview Monday that the office's responsibilities should be continued in some form. He said President Clinton's directive that would sunset the office by the end of fiscal year 2001 is "not binding in any way on President Bush." If Bush chooses to issue his own presidential directive, it would override the previous one by Clinton. The new administration is beginning to review the issue and is expected to consider a range of options before deciding how to proceed, Tritak said. If Bush does not act by the deadline, the office simply will close. Tritak stressed, however, that the risks of cyber terrorism "are not going to go away." "The government relies on critical infrastructure," Tritak said. "It is going to be increasingly at risk as we move more into the information age." He added that because much critical infrastructure work has been placed in the private sector, a new level of public-private cooperation is needed to ensure continued security. "This is the first time we have a national security problem the federal government can't solve on its own." In most security issues, the Department of Defense, the FBI or the Federal Emergency Management Administration can handle the situation, Tritak said. But "this is different from protecting air space from a bomber." Clinton's original 1998 directive creating CIAO saw cooperation as a core assumption, Tritak said. Now the indications are that the Bush administration also will make the issue a policy priority, both to continue to protect government services and the national economy. Tritak said CIAO has played a unique role in coordinating the government's widespread efforts on critical infrastructure. He recommended that there be a senior official responsible for coordinating overall critical infrastructure policy, functioning as a single point of contact on the issue. "If we don't have it, we would have to invent it," Tritak said.
Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from GovExec.com.
We think these reports might interest you:

  • Sponsored by G Suite

    Cross-Agency Teamwork, Anytime and Anywhere

    Dan McCrae, director of IT service delivery division, National Oceanic and Atmospheric Administration (NOAA)

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Federal IT Applications: Assessing Government's Core Drivers

    In order to better understand the current state of external and internal-facing agency workplace applications, Government Business Council (GBC) and Riverbed undertook an in-depth research study of federal employees. Overall, survey findings indicate that federal IT applications still face a gamut of challenges with regard to quality, reliability, and performance management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.