Dissension, lobbying narrow administration's cyber plan
In the days before the unveiling of the Bush administration's national strategy to protect cyberspace, dissension within the administration and continued lobbying by some business groups led to a whittled down version of the initial plan, according to high-tech industry sources.
Earlier in the month, the administration's Critical Infrastructure Protection Board had planned to release a hefty strategy report that ambitiously outlined actions that business sectors and the federal government should take to secure their computer networks and critical infrastructure, according to industry sources.
The official draft to be released Tuesday evening is 66 pages and clearly marked "draft." It is voluntary and contains no government mandates. It, like earlier versions, states that the document was expected to evolve and undergo updates as technology and national security progressed. Technology Daily obtained a copy of the official draft from industry sources.
Several days ago, a version sent to government agencies was 340 pages, but disagreements from the private sector and within government agencies prompted the board, chaired by Richard Clarke, to make numerous changes, industry sources said.
"To give them the benefit of the doubt, they are trying to get an awful lot of people in the government to sign off, and what always happens with these reports is every agency has its own agenda," said Jim Dempsey, deputy director of the Center for Democracy and Technology.
"That was compounded by ... having to get clearance from the private sector, which was appropriately included in this process. You had to get seven sectors of the [economy] to sign off on this, from the telecommunications sector to the power sector to the computer sector."
Private-sector fears were of particular concern to the administration, as the mid-term election is only a few weeks away and White House officials are reluctant to upset potential campaign donors, said James Lewis, chief technology policy director for the Center for Strategic and International Studies.
"We are in the season where everything is looked at through the prism of the election," Lewis said.
Further, Lewis said Clarke might have overreached with the broader cybersecurity plan. "Dick tried to do too much," Lewis said. "Maybe it would have been better to bite off a small part of [of cybersecurity] like the federal government. ... I would have picked the top 10 doable things rather than try to do everything."
In an example of one change to the report, cybersecurity action plans for defense and intelligence agencies were noted in the 340-page version but eliminated in the 66-page version.
The White House organized a Tuesday afternoon briefing with reporters on the plan and has embargoed its official release for 8 p.m.
Clarke will publicly release the plan at Stanford University on Wednesday, with high-tech industry executives expected to attend, including representatives from Microsoft, Oracle, Apple Computer and Sun Microsystems.