Cybersecurity center takes shape

In a move applauded by government officials, the Bush administration last week announced plans to establish a central office to coordinate the government's response to cybersecurity attacks.

The center will be modeled on the Year 2000 Information Coordination Center (ICC), which coordinated the government's response on and around the Year 2000 date change, said Richard Clarke, President Bush's cyberspace security adviser, speaking to Congress Feb. 13.

Clarke oversees federal cybersecurity policy, including the interagency Critical Infrastructure Protection Board set up by executive order in October 2001.

The cybersecurity information coordination center, expected to open next month, will unite elements of three security organizations: Clarke's office, the majority of the Critical Infrastructure Assurance Office (CIAO), and the analysis and warning section of the National Infrastructure Protection Center (NIPC), officials say.

With the new office, the administration is seeking to re- create the Year 2000 center "on a smaller scale," Clarke said. That experience was "a shining moment" in which organizations across government and industry came together to tackle a common problem, Clarke told the Senate Judiciary Committee's Subcommittee on Administrative Oversight and the Courts.

The office could be expanded if necessary to bring in other agency officials to deal with specific problems, he said. No matter how much collaboration technology is available, "we really need a flexible, physical location where when there is a problem, we have a place to put people from across government," Clarke said.

There's a real need for this, agreed Sallie McDonald, assistant commissioner for information assurance and critical infrastructure protection at the General Services Administration.

During the past two years, the people and organizations involved in critical infrastructure protection have developed a more structured system for communicating during incidents, but "to have a central point where we can meet and collaborate is key to that," she said. "Technology is wonderful, but it takes people to work these problems and you need to bring people together."

Clarke's office considered incorporating the security operations at GSA, including the Federal Computer Incident Response Center. However, GSA recently invested in new equipment and facility improvements for its programs, so it didn't make economic sense, according to McDonald.

The benefits of a physical command center were clear during the Year 2000 change.over, as officials had to combine information and address concerns from many different sources, said a former senior ICC official. When conflicts came up, "we were in the same place so we could talk face-to-face as well as access the data," he said.

The move also makes fiscal sense because Clarke's office does not have much funding of its own and the center will rely mostly on funding received by the CIAO and the NIPC, said Tiffany Olson, Clarke's deputy chief of staff.

The fiscal 2003 budget request focuses on homeland security initiatives and includes an increase of more than $50 million for the NIPC and more than $20 mil.lion for the CIAO. Most of the CIAO's increase will go to a new Information Integration Office, which will design and help implement an information architecture that will enable agencies to share information.

Clarke's office also is responsible for several other security initiatives just getting started under the umbrella of homeland security. These include GovNet, the proposed separate intranet for critical federal functions that cannot afford to be disrupted by cyberattacks, and a new wireless priority access system for emergency response personnel.