News

USIS Washington File

07 January 2000

Fact Sheet: Promoting Cyber Security for the 21st Century

(Clinton proposes initiatives to protect Information Systems) (850)

(This Fact Sheet was released by the White House January 7, 2000.)

Following is the text of the Fact Sheet:

(begin text of White House Fact Sheet)

January 7, 2000

PRESIDENT CLINTON AND VICE PRESIDENT GORE:

PROMOTING CYBER SECURITY FOR THE 21ST CENTURY

January 7, 2000

Today, President Clinton launches the National Plan for Information
Systems Protection and announces new budget proposals for initiatives
to strengthen America's defenses against the emerging threats posed to
our critical infrastructure, computer systems, and networks.

The United States has benefited form the most advanced information
technology (IT) infrastructure in the world. This same IT
infrastructure, however, makes us particularly vulnerable to cyber
attack. The most vital sectors of our economy -- power generation,
telecommunications, banking and finance, transportation and emergency
services -- are potentially susceptible to disruptions from hackers,
terrorists, criminals or nation states.

President Clinton has increased funding on critical infrastructure
substantially over the past three years, including a 16% increase in
the FY2001 budget proposal to $2.03 billion. He has also developed and
funded new initiatives to defend the nation's computer systems from
cyber attack. To jumpstart the FY-01 program initiatives, the
President will also propose a $9 million supplemental this spring.

In the 18 months since the President signed Presidential Decision
Directive 63, we have made significant progress in protecting our
critical infrastructures. Last year the President called for the
development of a National Plan to serve as a blueprint for
establishing a critical infrastructure protection (CIP) capability.

Version One, the "National Plan for Information Systems Protection,"
was released today. It is called Version One and invites a national
dialogue leading to future editions. This plan lays out two broad
goals: the establishment of the U.S. government as a model of
information security, and the development of a public-private
partnership to defend our national infrastructures. The Federal
Government as a Model of Information Security.

The Clinton Adminstration has developed and provided full or pilot
funding for the following key initiatives designed to protect the
federal government's computer systems:

Working to Recruit, Train and Retain Federal IT Experts. We have
developed and provided FY2001 funding for a Federal Cyber
ServicesTraining and Education initiative led by OPM and NSF which
calls for two programs: the first is an ROTC-like program where we pay
for IT education (B.S. or M.S.) in exchange for federal service; and
the second is a program to establish competencies and certifyour
existing IT workforce. ($25 million)

Conducting federal agency vulnerability analyses and developing agency
CIP plans. Federal agencies have all developed CIP plans, and these
have been reviewed by a newly created "Expert Review Team" (ERT) of
federal computer security experts. We have also established the ERT as
a permanent team (at the Commerce Department's NIST), with funding
lines in FY2000 and 2001. ($5 million)

Designing a Federal Intrusion Detection Network (FIDNET). To protect
vital systems in Federal civilian agencies, we are providing funding
for development of a cyber "burglar alarm" which alerts the federal
government to cyber attacks, provides recommended defenses,
establishes information security readiness levels, and ensures the
rapid implementation of system "patches" for known software defects.
($10 million)

Piloting Public Key Infrastructure Models. The Clinton Administration
is funding seven PKI pilot programs in FY2001 at different federal
agencies. ($7 million)

Developing Federal R&D Efforts. In addition to the Institute, we have
worked to ensure that R&D investments in computer security will grow
more then 35% in the FY2001 budget. ($621 million)
 
Building the Public-Private Partnership. The President is committed to
building partnerships with the private sector to protect our computer
networks through the following initiatives:

Institute for Information Infrastructure Protection. Building on a
Science Advisory Panel, we are proposing to create an Information
Infrastructure Institute which would combine federal and private
sector energies to fill the gaps in critical infrastructure R&D that
are not now being meet in the private sector or the Department of
Defense. It would also provide demonstration and development support
in key areas like benchmarks and standards, and curriculum
development. ($50m)

Partnership for Critical Infrastructure Security. This alliance of
more than ninety Fortune 500 companies is spearheaded by Secretary
Daley and had a successful kickoff in New York on December 8th. We
will build on this partnership to provide public education and
cooperation with the private sector on a wide variety of information
security issues.

Information Sharing and Analysis Centers (ISACs). Two of the proposed
six private sector computer security centers have been established
(banking and finance and telecommunications). We are working with the
other four sectors to get their proposed ISACs operational in 2000.

National Infrastructure Assurance Council. The President signed an
Executive Order creating this advisory Council, last year. Its members
are now being recruited from senior ranks of the IT industry, key
sectors of the corporate economy, and academia.

(end text of White House Fact Sheet)

(Distributed by the Office of International Information Programs, U.S.
Department of State.)