FREE eLETTER SIGNUP
Washington Technology Newswatch delivers the latest news to your inbox.
The National Magazine for Government Contractors.
Site Search Quickfind Go
Login | Register
Updated 5:35 PM EST Dec 1
CURRENT ISSUE About Us
Sprint
HOT TOPICS
Authentication/
Identity Management
Budget/Policy/Legislation
Civilian Agencies
Contract Awards
Defense
Emerging Technology
Financial Markets
Homeland Security
Industry News
Mergers/Acquisitions
Mobile/Wireless
Outsourcing
Procurement
Security
Small Business
State and Local
Telecom/IT Infrastructure
Top 100
Training and Certification
RESOURCES
researchstore
SPONSOR SOLUTIONS

More >>

STORY TOOLS: Email this Story Print this Story Contact the Author Contact Order Reprints of this Story Reprints
Washington Technology home > web stories

01/24/06 -- 03:12 PM

DHS vows to protect info on national database

By Alice Lipowicz
Staff Writer

RELATED TOPICS
Homeland Security
SHARE ARTICLE
Digg Digg Yahoo Yahoo
Del.icio.us Del.icio.us Google Google

The Homeland Security Department has stepped up assurances that it will maintain the confidentiality of critical infrastructure information submitted to the National Asset Database, according to the newly revised draft National Infrastructure Protection Plan Base Plan version 2.0.

DHS will evaluate all requests to view the database and will grant access only to select DHS employees and others on a “tightly controlled, need-to-know” basis, the revised plan states.

The new language is set forth in the 234-page national infrastructure protection plan distributed by DHS this week. The plan was delivered by e-mail via NIPP@dhs.gov.

The plan establishes a work and time frame for assessing vulnerabilities and risks and coordinating protections for 17 critical infrastructure sectors, including IT and telecommunications. Cybersecurity is treated as a cross-sector responsibility. The department will accept comments until Feb. 6.

DHS’ assurances about database access appear to address concerns raised by IT executives and others over protecting confidentiality of the information they might submit on specific vulnerabilities within their sectors.

One fear raised by IT industry members is that disclosing weak spots in their own networks may result in leaks that can be exploited by competitors.

“We’ve been concerned about what [DHS] can do to protect the IT infrastructure information and how they can help protect the critical assets,” said Greg Garcia, vice president of information for the Information Technology Association of America in Arlington, Va., who is involved with the IT Sector Coordinating Council organization efforts.

IT industry members have asked for “originator control” for specific information they provide to the database, so they can be assured of its protection, Garcia said. However, that term does not appear in the new document.

Garcia, contacted today, said he was still reviewing the language proposed by DHS to give access on a need-to-know basis and to selected employees only.

The new plan version updates an earlier 175-page draft National Infrastructure Protection Plan released in November 2005. It reflects changes in response to nearly 7,000 public comments received on the previous version, according to a statement from DHS officials.

The new document also contains more information on cybersecurity initiatives, international cooperation and the goal of resilience. “Resilient” and “resiliency” are mentioned 26 times in the updated plan versus 18 times in the initial draft.

Other changes include a new executive summary, clarification of all-hazards linkages, and explanations of requirements pertaining to the risk management framework, according to DHS in a statement.


WASHINGTONTECHNOLOGY LATEST NEWS GCN.COM FCW.COM

TOP JOBS FROM LOCAL EMPLOYERS
All Top Jobs

Home | About | Advertise | Contact | Custom Media | Editorial Calendar | Events
List Rental | Privacy Policy | Reprints/Linking Policy | Subscribe | Site Map

1105 Media, Inc.

© 1996-2008 1105 Media, Inc. All Rights Reserved.