President Clinton's national plan to guard against cyberterrorism will call for the creation of regional centers where private industry can receive government intelligence information about possible cyberattacks, an administration official said Monday.
The National Information Systems Protection Program will be released "shortly," according to Jeffrey Hunker, director of the Critical Infrastructure Assurance Office (CIAO). It has been in the works since May 1998, when Clinton called for the administration to work with the private sector to create a national center for warning and responding to attacks on the computers that control the stock market, banking, utilities and air traffic by 2003.
Hunker declined to be more specific on timing, but said the plan would not call for any new regulations, nor would it require any company to participate.
"We want to emphasize that this plan will be version one, to borrow from the software industry. This won't be the be-all-and-end-all plan. We plan to offer updates, based on feedback and new ideas... what we are doing is evolutionary as well as revolutionary," Hunker said in an interview.
Companies that have been working with Hunker including Cisco Systems, IBM and GTE. Universities have also been offering input, including the University of Maryland. Hunker said the private industry is on its way to creating some of the national centers and he would expect companies to announce their formation within the near future.
As part of the national plan, Clinton has made a budget request of about $1.4 billion to be used toward different programs for improving security in the future. The programs include scholarships to train students in computer security.
New research and development would also be funded for the development of cyber attack detection programs. Further, the money would be allocated for accelerating next generation intrusion systems within government agencies.
Besides working on the national plan and Clinton's budget request, Hunker's office has been working with the Pentagon's Chief Information Office, to hire ten people to coordinate internal security at the various agencies. In addition, Hunker's office, which falls under Department of Commerce jurisdiction but reports to the National Security Agency, is working with the National Institutes of Standards and the NSA to set standards for security within agencies that compliment security methods used in private industry.
"Part of our job is to answer the questions, if there is a real cyberattack, how do we respond? How do we repair the damage? And how do we respond with law enforcement" to go after the attacker, Hunker said.