Securing Cyberspace: A Shared Duty

Old equipment, poor practices, slow response blamed for sloppy security.

Leonadis McKinney, Medill News Service

WASHINGTON-- When it comes to protecting the nation from cybercriminals, Congress faces the same challenge that most PC users do: dealing with equipment that rapidly becomes obsolete.

Hackers and terrorists aren't the biggest enemy, government analysts say. Given the lightning-quick evolutionary pace of computer technology, any legislation dealing with cyberspace is in danger of being immediately irrelevant.

"One of the most alarming characteristics of federal government is that it is ponderous and sluggish in its movements," says Chris Cox (R-California), who chairs the House Homeland Security Committee. He spoke at a hearing by a Homeland Security subcommittee Tuesday, discussing the race between statute and technology.

And that is where industry and consumes should help, say representatives of some of the nation's largest software firms, computer vendors, and online service providers.

Cooperation Urged

In the latest in a series of hearings on eradicating cyberthreats, a panel of executives from leading technology companies said the computer industry can help the government overcome the bureaucracy's glacial speed and secure the Internet. The best possible tactic, lawmakers and industry representatives agree, involves corporations, consumers, and government agencies working together.

"Since everyone is using these systems, we all play a role," said Dr. James Lowery, Dell's chief security architect. Also participating were executives from Microsoft, Sun Microsystems, AOL Time Warner, and AT&T.

The panel recommended that the government use its dual roles as regulatory body and customer to help the computer industry set and enforce baseline security standards. The industry would do its part by sharing information with government agencies and educating computer users about the latest online threats and security measures.

Consumers Play Role

Most important, consumers would have to use that information and perhaps even overhaul how they approach the Internet, participants noted. Consumers must learn that convenience and security are to a degree mutually exclusive, added Whitfield Diffie, chief security officer for Sun Microsystems.

"Very often, the short sight of computer users drives security policy" to the detriment of cybersecurity, Diffie said.

The panel was uniformly optimistic about the future of online security. Nevertheless, Microsoft Senior Security Strategist Philip Reitinger expressed dismay that at this point "hackers are better at sharing information than we in government and industry are."

Tuesday's subcommittee hearing was the third in a series of four to ascertain the status of U.S. cybersecurity and to determine whether federal action is needed to strengthen security.

Previously, the committee heard from government officials and computer security experts. The final hearing, to determine possible solutions, is scheduled for July 22.