DHS challenges private sector on cybersecurity

Find opportunities — and win them.

The Homeland Security Department issued a challenge today to IT vendors: Step up to security responsibilities.

SANTA CLARA, CALIF. - The Homeland Security Department has issued a challenge to IT vendors.

"The private sector has to step up to its security responsibilities," said Robert Liscouski, DHS' assistant secretary for infrastructure protection. "A lot of people out there are willing to legislate how you do your work if you don't rise to the challenge."

Liscouski spoke today at the National Cyber Security Summit in Santa Clara, Calif. The summit was designed to establish strategies for implementing the recommendations of the White House National Strategy to Secure Cyber Space, released earlier this year.

"Securing cyberspace is not a small effort," Liscouski said. "We are demanding the help of the vendor and academic communities."

DHS faces an enormous task in securing America against terrorism, a task compounded by the fact that 85 percent of the infrastructure is owned and operated by the private sector. The electric grids, banking system and all other aspects of the nation's backbone are technology-based. They present an attractive target to terrorists.

"A few lines of code can wreak more havoc than a bomb," DHS secretary Tom Ridge said. "Every computer in the country represents a potential point of vulnerability."

Ridge, though, left the tough talking to Liscouski.

"We are not going to let anyone in government or the private sector dodge their responsibilities to cybersecurity," he said. "We want to see results, and I will be sticking my finger in the chest of anyone failing to step up."

Five task forces were assembled from a list of over 300 attendees representing IT vendors and government agencies. The task forces, each addressing key challenges identified in the National Strategy, are:

  • Awareness for Home Users and Small Business

  • Corporate Governance

  • Cyber Security Early Warning Systems

  • Security Across the Software Development Life Cycle

  • Technical Standards and Common Criteria