|WASHINGTON – Homeland Security and Governmental Affairs Committee Chairman Joe Lieberman, ID-Conn., and Ranking Member Susan Collins, R-Me., Wednesday were presented with a new report identifying strategic objectives the federal government should pursue for improved cyber security. The report, produced by the Institute for Information Infrastructure Protection at Dartmouth College, or I3P, examined the cyber security challenges facing the economic, physical, and human infrastructures and asserted that cyber security needs to be a national priority.
“Moving toward a more secure information infrastructure will require a concerted and committed effort on multiple fronts with the government playing a major role in creating and managing an effective national research and development effort,” the report concluded. “The new Administration has a major opportunity to direct and coordinate cyber security research and development efforts in ways that could provide protection from threats in the near term. This report is intended to provide informed suggestions as a path forward is determined.”
The report identified four core R&D priorities for the next five to 10 years:
• Develop a Coordinated and Collaborative Approach: A national research agenda is needed to avoid duplication, omission, and contradictory directions.
• Impose Security Metrics: Metrics are needed to develop new security systems and improve and maintain existing ones. They will help government and industry make more informed decisions toward the design, purchase, and implementation of security tools.
• Create an Effective Legal and Policy Framework: A sound domestic and international legal and policy framework should encourage innovation rather than impose prescriptive regulations.
• Address the Human Dimension of Security: People must be engaged as a positive force to improve cyber security. Information security systems must be easy to use by non-IT professionals; awareness and education campaigns must be directed at the public and private sectors; and security training should be taught in schools.
Lieberman and Collins – who served as honorary co-chairs of three forums conducted by I3P in the fall of 2008 with representatives from industry, government, and academia to identify government-supported research and development priorities – thanked the organization for its work.
“There is no doubt that cyber security has become an area of critical importance for the public and private sectors in this time of economic competitiveness and increased network intrusions,” Lieberman said. “I3P has made a valuable contribution to the debate and identified a number of areas for improvement to which we must give serious consideration. I thank them for their dedication to this topic.”
“The research and development strategies recommended in this report can provide a valuable guide for government as our nation works to improve the security of our critical information technology infrastructure,” said Senator Collins. “It is worth noting the way in which I3P developed these recommendations – through a partnership of academic experts, government officials, and private sector representatives. Because most of the nation’s information technology infrastructure is in private hands, such collaboration is essential to provide effective cyber security for the federal government and the entire nation.”
I3P was founded at Dartmouth College in 2002 by a federal grant to coordinate and support research and development in the area of cyber security.