Scaled Back Cybersecuruty

sgorman1 · January 7, 2003, 10:25pm

This may be of interst:

AP: Bush Expected to Sign Scaled Back Internet Security Plan

Washington, DC -- A new Bush administration plan aimed at improving the
security of key U.S. computer networks will not be as ambitious as
previously indicated, the Associated Press reported on Tuesday. The plan
is being closely watched by network security firms in the DC area. A
draft
of the proposal, called the National Strategy to Secure Cyberspace,
obtained by the AP contains only 49 of the 86 initiatives of an earlier
version, eliminating such mandates as regular consultations with privacy
experts about civil liberties and a call for corporations to improve
cybersecurity. Instead, it focuses on the security of federal agencies;
it
also makes clear that the Defense Department can engage in "cyber
warfare"
should the U.S. be attacked. The job of improving Internet security,
however, would be handled by the new Homeland Security Department, which
would launch test attacks against various agencies and seek to improve
automated systems that operate water, chemical and electrical networks.
Bush is expected to sign the plan in the coming weeks.
http://www.washingtonpost.com/wp-dyn/articles/A18662-2003Jan6.html

Pete_Kruckenberg2 · January 9, 2003, 7:16am

One of the criticisms of the change relative to this group
is that the previous stronger wording for the network
operator industry was watered down. Instead of
expecting/demanding/mandating that the industry collaborate
on network security (creating an ISAC and other measures),
the latest draft simply recommends that the industry
consider these measures.

Is there anything happening with collaborative security
policy and remediation in the industry? Has any effort
showed progress towards an effective ISAC or similar? Can
networks realistically collaborate on security, or do the
political and operational barriers not justify the effort?

Pete.

Paul_A_Vixie4 · January 9, 2003, 7:36am

pete@kruckenberg.com (Pete Kruckenberg) writes:

Is there anything happening with collaborative security policy and
remediation in the industry? Has any effort showed progress towards an
effective ISAC or similar? Can networks realistically collaborate on
security, or do the political and operational barriers not justify the
effort?

i think that kelly cooper's ISP ISAC was doomed in spite of kelly's
excellent efforts, simply because the ISP community is too large. an IP
Broadband ISAC, and an IP Longhaul ISAC, and an IP Hosting ISAC, and other
small/focused isacs, could yet fly.

to that end :-), something is happening with a DNS ISAC. (more later.)

Kelly_J_Cooper1 · January 14, 2003, 11:17pm

Sorry this was delayed... had some problems with being subscribed to
nanog-post under genuity.com vs. genuity.net. Hopefully, this'll go
through. -kjc

pete@kruckenberg.com (Pete Kruckenberg) writes:

> Is there anything happening with collaborative security policy and
> remediation in the industry? Has any effort showed progress towards an
> effective ISAC or similar? Can networks realistically collaborate on
> security, or do the political and operational barriers not justify the
> effort?

i think that kelly cooper's ISP ISAC was doomed in spite of kelly's
excellent efforts, simply because the ISP community is too large. an IP
Broadband ISAC, and an IP Longhaul ISAC, and an IP Hosting ISAC, and other
small/focused isacs, could yet fly.

Thank you for the props Paul, but I think it was more an issue of money.

Just for the record (because I've gotten several private emails on this)
there is no ISP-ISAC. It is not an entity, a company, or even an
organized group of like-minded ISPs.

The project to create the ISP-ISAC is currently on hold. Funding has been
the main issue, so [ BIG HINT ] if anyone wants to jump up and offer to
fund it, I've got the entire proposed infrastructure documented and ready
for non-profit incorporation, plus several ISPs willing to be founding
members.

(You maybe be asking yourself, what's the funding for? I've said this
before, but it bears repeating. Having worked on ISP-to-ISP cooperation
both formally and informally for 7 years now, I can say that the main
lesson I've learned is that the coordination needs to be someone's job.
Not something they do when they have time, as a subset of their real job,
that gets deprioritized when a local emergency comes up. A real job,
full-time. And something I've noticed is that ISPs don't really trust one
another, so the job has to be ISP-neutral. Those issues mean contracting
the operational piece of an ISP-ISAC out to a third party. And that takes
money.)

to that end :-), something is happening with a DNS ISAC. (more later.)

Good idea. Good luck.

Kelly J.