FYI.....seeing the discussion today I thought I'd offer this to the group as well. Cheers, rf Original with contextual reference URLS located at: http://www.infowarrior.org/articles/2002-11.html America's National Cybersecurity Strategy: Same Stuff, Different Administration Richard Forno (c) 2002 Infowarrior.org. All Rights Reserved Article #2002-11. Permission granted to reproduce and distribute in entirety with credit to author. Today the White House releases its long-awaited "National Strategy To Secure Cyberspace." This high-level blueprint document (black/whiteor color), in-development for over a year by Richard Clarke's Cybersecurity team, is the latest US government plan to address the many issues associated with the Information Age. The Strategy was released by the President's Critical Infrastucture Protection Board (PCIPB), an Oval Office entity that brings together various Agency and Department heads to discuss critical infrastructure protection. Within the PCIPB is the National Security Telecommunications Advisory Council (NSTAC), a Presidentially-sponsored coffee klatch comprised of CEOs that provide industry-based analysis and recommendations on policy and technical issues related to information technologies. There is also the National Infrastructure Advisory Council (NIAC) - another Presidentially-sponsored klatch - allegedly consisting of private-sector 'experts' on computer security; but in reality consists of nothing more than additional corporate leaders, few if any considered an 'expert' on computer security matters. Thus, a good portion of this Presidential Board chartered to provide security advice to the President consists of nothing more than executives and civic leaders likely picked for their Presidential loyalty and/or visibility in the marketplace, not their ability to understand technology in anything other than a purely business sense. Factor in Richard Clarke's team many of whom, including Clarke, are not technologists but career politicans and thinktank analysts and you've got the government's best effort at providing advice to the President on information security, such as it is. (One well-known security expert I spoke with raised the question about creating a conflict of interest for people who sell to the government or stand to gain materially from policy decisions to act in advisory roles, something that occured during the Bush Administration's secret energy meetings.) Now that you know where the Strategy comes from, let's examine some of its more noteworthy components. < - SNIP - > Original with contextual reference URLS located at: http://www.infowarrior.org/articles/2002-11.html