Report: U.S. must bolster national infrastructure protection policy

The White House's approach to private-sector critical infrastructure protection is inadequate and needs to be more authoritative, according to a new report from the Century Foundation think tank for homeland security.

The report was written by a task force chaired by former national counterrorism advisers Richard A. Clarke and Rand Beers.

The Bush administration's National Infrastructure Protection Plan currently sets up a framework for 17 economic sectors?including food, water, power and IT?to set up their own committees to develop sector protection plans in consultation with government agencies. About 80 percent of the critical infrastructure is privately owned.

But such a process is not robust enough to prevent or respond to major incidents that may cause massive fatalities, such as the risk of terrorists attacking a large chlorine plant, the report said.

"Private-sector participation cannot be relegated to a select few CEOs on advisory committees. These committees tend to stay away from taking any action that would obligate or commit the private sector to act," the report said.

The White House should take a more active role by instructing the Homeland Security Department to establish joint planning committees for each of the 17 economic sectors, the foundation recommended. To foster cooperation and to address industry's need for protecting sensitive information, these committees should be exempt from the Federal Advisory Committee Act that would have required open meetings, the report said.

The report, titled "The Forgotten Homeland," makes more than 100 recommendations for improving homeland security. Among the recommendations are focusing attention primarily on metropolitan areas for planning, funding and training; strengthening critical infrastructure protection and cybersecurity; and re-establishing the Federal Emergency Management Agency as an independent agency. The task force members also suggest reducing several Defense Department weapons programs to divert $23 billion more for homeland security.

In the area of cybersecurity, the report advises the White House to "use its convening power to standardize and coordinate private sector efforts" and to establish a new national information assurance policy directive for a framework for protecting critical cyber systems, clarifying roles and responsibilities and eliminating overlap.

In addition, Defense Department cybersecurity warning efforts should be expanded into a national cyber attack sensing, warning and response capability, the report said.