States to adapt cybersecurity

The federal office that oversees the development of plans to protect the

nation against cyberattacks is working with Virginia to adapt the federal

model to the state and local environment.

The Critical Infrastructure Assurance Office is meeting with Virginia

Secretary of Technology Donald Upson to start determining the role of the

many state and local governments when it comes to protecting the systems

that support the nation's critical infrastructure, such as telecommunications

and power.

These meetings are an important step toward expanding the efforts under

Presidential Decision Directive 63, signed by President Clinton in May 1998

and requiring federal agencies to lead the protection of critical infrastructure

systems.

Last month, President Bush announced his intention to continue the work

under the directive, but today officials still do not know what is the role

of federal, state and local governments in critical infrastructure protection,

Upson said Monday at the Armed Forces Communications and Electronics Association's

symposium on Protecting e-Government in the 21st Century.

The partnership with Virginia will include adapting the CIAO's Project

Matrix, an initiative to find the vulnerabilities introduced when a critical

system depends on others, said John Tritak, director of the CIAO. It is

also a key program to help organizations prioritize where their resources

should be used, he said.