That report they point at sponsored the NRC panel I spoke at in Irvine
in February. Should be interesting...
RK
===============================================
Companies try to secure cyberspace
WASHINGTON - A consortium of private companies for the first time is
launching an effort to find ways to secure cyberspace.
The Manhattan Cyber Project will look at ways to identify and prevent
threats to security from criminals or terrorists.
"We're trying to get some hard numbers and real audit data to work
with," says Robert Huffman of WheelGroup, a cybersecurity consultant.
"Until now the threat has always been anecdotal in nature."
A 1996 survey of Fortune 1000 firms by security firm WarRoom Research,
which developed the consortium, shows:
(a) 58% had computer break-ins in the previous 12 months.
(b) 18% suffered losses exceeding $1 million.
The consortium's goal is to create a nonprofit research center to test
products and give technical suppport to industry.
Meanwhile, the government is taking up the issue of privacy on the
Internet.
The Federal Trade Commission starts hearings Tuesday on complaints that
personal information is gathered and used by online operators without
user consent or knowledge.
A survey from The Electronic Privacy Information Center, a nonprofit
consumer group, shows that of the Internet's 100 most popular Web
sites, about half collect personal information from users.
The consortium of private industry, which has been reluctant to work
with the government on security issues, is focusing on business
security.
"It's working together, breaking down competitive barriers and
information sharing which is the real value of this consortium," says
Alan Fedeli of IBM, project member.
Sponsors also include Ernst & Young and Bell Atlantic.
Companies will be asked to share details of cyberattacks as well as
strategies or technologies that have blocked them.
"Take an industry like banking," says Huffman. "On a typical 30-day
period, how bad is the problem? We just don't know right now."
The government is conducting a nearly parallel effort with a
presidential commission that is studying threats to critically
important systems like power grids, telecommunications or banks. Its
report is due Oct. 13.
But the government has yet to embrace the Manhattan Cyber Project.
By M.J. Zuckerman, USA TODAY