Richard Clarke, chairman of the Critical Infrastructure Protection Board, last week released the draft National Strategy to Secure Cyberspace for comment at a ceremony at Stanford University, which aimed to highlight the partnership between the public and private sectors in developing the strategy. The demonstration, however, showed the gaps in the draft strategy.
Most of the recommendations for securing cyberspace are couched in terms of "should" and "could," rather than providing specific requirements for what IT security equipment agencies must buy or what security processes they should follow. For example, the report says that the federal CIO Council and relevant agencies should consider creating a "cyberspace academy" that could link federal cybersecurity and computer forensics training programs. The plan also asks agencies and companies to voluntarily secure their systems.
The link for this article located at FCW is no longer available.
