White House issues 'National Strategy to Secure Cyberspace'

The White House issued its long-awaited National Strategy to Secure Cyberspace report, the document intended to summarize ways to improve network security for government agencies, the private sector and citizens in their homes.

  About fifty pages, the final document, signed by President George W. Bush, drops some of the more controversial statements made in the earlier draft document about whether ISPs or universities, for example, could be doing more on behalf of cyberspace security. Instead, the "National Strategy to Secure Cyberspace" tones down its criticism and is content to "encourage" industry, government agencies, and the public to reduce risks wherever practical. However, beyond the advice about denial-of-service "zombie" software and access controls, the report does take up a few new issues that could have far-ranging impact.

  For one, the report says the government will consider expanding the "Common Criteria" purchasing mandate, which took effect last July primarily for the "national security systems" of the Defense Department,  to include any purchasing done by the government's civilian agencies as well.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

The White House issued its long-awaited National Strategy to Secure Cyberspace report, the document intended to summarize ways to improve network security for government agencies, the private sector and citizens in their homes.

  About fifty pages, the final document, signed by President George W. Bush, drops some of the more controversial statements made in the earlier draft document about whether ISPs or universities, for example, could be doing more on behalf of cyberspace security. Instead, the "National Strategy to Secure Cyberspace" tones down its criticism and is content to "encourage" industry, government agencies, and the public to reduce risks wherever practical. However, beyond the advice about denial-of-service "zombie" software and access controls, the report does take up a few new issues that could have far-ranging impact.

  For one, the report says the government will consider expanding the "Common Criteria" purchasing mandate, which took effect last July primarily for the "national security systems" of the Defense Department,  to include any purchasing done by the government's civilian agencies as well.

  At present, agencies operating national security systems must purchase software products from a list of lab-tested and evaluated products in a program run by the National Information Assurance Partnership (NIAP), a joint partnership between the National Security Agency and the National Institute of Standards and Technology.