Flipside

Bob Dix recognizes his reputation for cyberterrorism worst-case scenarios.

Bob Dix recognizes his reputation for cyberterrorism worst-case scenarios. "Some people think there are times when I maybe overstate the urgency," said Dix, former staff director for the House Government Reform Committee's Technology, Information Policy, Intergovernmental Relations and the Census Subcommittee. Dix's biggest fear is a two-pronged attack that could, for example, take down parts of the U.S. electrical grid so we couldn't respond to a physical attack. "I don't think you can overstate the urgency," he said. Dix left his congressional position last December to become vice president of government affairs at Citadel Security Software.

You say better cybersecurity is urgently needed, but you are against new laws requiring manufacturers to meet some minimal standard.

Dix: If you try a legislative solution, history tells us that you are then faced with the law of unintended consequences, and you have a tendency to stifle innovation. There are other things we can do. Government has an opportunity to leverage its purchasing power to influence the marketplace and to be a leader that the private sector will follow. The manufacturing community isn't going to develop two products, one for the government and one for the consumer.

Why would government take the lead?

Dix: Government now has to have security at the front end of the discussion. That is going to drive the market to look at it differently — it can't just be features and functionality. ... I also happen to think that the Office of Management and Budget needs to be more aggressive in its addressing the failure to comply with requirements of the Clinger-Cohen Act.

Does OMB's cybersecurity line of business, a new effort to investigate standardizing common security processes, go far enough?

Dix: It's not enough, but I think it's a large step forward because it acknowledges that this solution has to be addressed on an enterprise basis. Right now a lot of agencies own a lot of things, but there's not a coherent strategy for how it all fits together.

Will Congress continue to press federal agencies on security issues, now that your old subcommittee has been dissolved?

Dix: This is a subject area that is a specific concern to [House Government Reform] Chairman [Rep.] Tom Davis (R-Va.), and I am confident that he will keep his eye on this ball.

NEXT STORY: Federal Computer Week: Site Map