The New York Times The New York Times Technology What are the Top 10
Hippest Vehicles for 2005?

 

NYTimes: Home - Site Index - Archive - Help

Welcome, lazowska - Member Center - Log Out
  Search: Open a Harrisdirect account and get $100 Credit!
0 0 0 0 0 0 0


ARTICLE TOOLS
Printer Friendly Format Printer-Friendly Format
Most E-mailed Articles Most E-Mailed Articles
Reprints & Permissions Reprints & Permissions



NYT Store
Photo: An early computer, the "mechanical mind" developed at MIT, 1927.
Photo: An early computer, the "mechanical mind" developed at MIT, 1927.
Price: $195. Learn More.



What's new in Theater?

Men behaving badly on Broadway


Also in Theater:
Have you seen "Romance?"
Don't miss "Woman Before a Glass"
More shows opening this spring


Study Criticizes Government on Cybersecurity Research

By JOHN MARKOFF

Published: March 19, 2005

SAN FRANCISCO, March 18 - A report released Friday by a panel of computer experts criticizes the federal government, saying that its financing of research on computer network security is inadequate and that it is making a mistake by focusing on classified research that is inaccessible to the commercial sector.

Advertisement

The report, commissioned by the Bush administration, calls for the government to spend $148 million annually on Internet security research through the National Science Foundation, over the current $58 million. It also urges more research spending by the Pentagon's Defense Advanced Research Projects Agency, or Darpa, and by the Department of Homeland Security.

The report, "Cybersecurity: A Crisis of Prioritization," was prepared by a subcommittee of the President's Information Technology Advisory Committee, a group of industry and university experts.

Research in Internet security is needed to protect systems that run the government and military operations, as well as other areas, including the electric power grid, the air traffic control grid and financial systems, the report said.

"The federal government is largely failing in its responsibility to protect the nation from cyberthreats," said Edward D. Lazowska, chairman of the computer science and engineering department at the University of Washington and co-chairman of the panel. "The Department of Homeland Security simply doesn't 'get' cybersecurity. They are allocating less than 2 percent of their science and technology budget to cybersecurity, and only a small proportion of this is forward-looking."

Michelle Petrovich, a spokeswoman for the Department of Homeland Security, disputed the criticism. "We take cybersecurity seriously and have taken aggressive measures to address various needs," she said. "Our cybersecurity budget has gone up every year."

Peter Neumann, an independent computer scientist at SRI International, a research center in Menlo Park, Calif., said that both Congress and the Bush administration had been neglecting civilian Internet security research.

"The problem is that there is no sense of the importance of research in this Congress or in this administration," said Mr. Neumann, who consults for the government.

The panel also found that the Internet security research community was too small to meet a government goal of at least doubling the size of civilian Internet security researchers by the end of the decade. Fewer than 250 Internet security researchers are now at United States universities, largely because of unstable funding levels, the panel said.

The authors argue that because universities have provided many crucial ideas, technologies and talent, both the civilian and the military sectors are likely to be hurt by the recent trend.

The panel also criticized a recent shift, at both Darpa and the National Security Agency, toward short-term classified research over long-term academic research.

The report found that efforts to transfer federal research to Internet security businesses were inadequate and that there was a basic absence of leadership and coordination. The authors recommended that a federal interagency group take responsibility for coordinating Internet security research.

The report says the current commercial approach to security problems tends to consist of a series of patches. "Even if all the best practices were fully in place, in the absence of any fundamental new approaches we would still endlessly be patching and plugging holes in the dike," the report states.

The report also lists 10 Internet security research priorities, including authentication technologies, secure protocols, improved engineering techniques, monitoring and detection tools and cyberforensics.


Special Offer: Home Delivery of The Times from $2.90/week.




RELATED ARTICLES
. COMPANY NEWS; DATA BROKER HIRES SCREENING OFFICER AFTER BREACH  (March 9, 2005) 
. TECHNOLOGY; Senator Says Data Service Has Lax Rules For Security  (February 25, 2005)  $
. National Briefing | Washington: E-Mail Virus Contains F.B.I. Address  (February 23, 2005) 
. TECHNOLOGY; Gates Tells of Microsoft Effort to Fight Viruses  (February 16, 2005)  $
Find more results for Computer Security and Computers and the Internet

TOP TECHNOLOGY ARTICLES
. Dangling Broadband From the Phone Stick
. Growth of Wireless Internet Opens New Path for Thieves
. Oracle Raises Offer for Retek, Topping Bid by German Rival
. DreamWorks Animation Posts Profit on 'Shrek 2' DVD Sales
Go to Technology

OUR ADVERTISERS
Learn how Avaya
can connect your
remote workers.
FREE White Paper


Up to 30% off select new Dell Home systems. Click for details.

The HP Color LaserJet 3500. Now with a $100 mail-in rebate.

30 free trades
at Ameritrade.
Join now.




TIMES NEWS TRACKER

  Topics

Alerts
Computer Security


Computers and the Internet



Track news that interests you.