Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Connected Government
- Consolidating Mission-critical Systems
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Eliminating the Pitfalls: Steps to Virtualization in Government
- Federal Executive Forum
- Federal Tech Talk
- Government Cloud Brokerage: Who, What, When, Where, Why?
- Government Mobility
- Mission-critical Apps in the Cloud
- Mobile Device Management
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- Understanding the Intersection of Customer Service and Security in the Cloud
Shows & Panels
White House, DHS, Commerce release cyber 'code of conduct'
Wednesday - 5/30/2012, 4:40pm EDT
The Industry Botnet Group (IBG) — coordinated by the White House Cybersecurity Office and the Departments of Commerce and Homeland Security — has posted nine broad principles in fighting botnets, including coordination of cyber responsibilities across sectors and reporting lessons learned.
"I think like many things in cybersecurity, this is much larger than one company, any specific country, any specific government or individual," said Howard Schmidt, the White House's cyber coordinator, at an event today at the White House, addressing industry groups. "That's why it's so important we get it right."
Botnets consist of infected computers controlled remotely, turning the computer into a "bot" or "zombie." The computers are then used to attack websites and distribute more malware. Schmidt said about 1 in 10 computers in the United States are infected.
The code of conduct released today "charts a new course for all multi-stakeholders to implement an industry-wide, nationally-focused and globally-aware plan to address botnet threats," Schmidt said.
The code also endorsed flexibility in addressing cyber threats and promoted innovative approaches.
The IBG was formed in September 2011 after Commerce and DHS issued a request for information on the best ways to combat botnets.
"This partnership reminds me a little bit of a potluck dinner. We sent out the invitations and provided a nice venue, and you did all the cooking," said Patrick Gallagher, the director of Commerce's National Institute of Standards and Technology.
Government partners today also outlined other botnet-combatting initiatives. For example, NIST is offering a workshop to define, measure and assign roles and responsibilities in fighting botnets. It was the first workshop of its kind from NIST to create a "technical toolbox" to address the botnet problem, Gallagher said.
Several IBG members are also launching today a campaign called Keep a Clean Machine, a public education campaign.
The agency and industry efforts won't be enough, however, without a legislative framework, said DHS Secretary Janet Napolitano.
The Senate is considering a long-awaited comprehensive cybersecurity bill. The proposal — known as the Cybersecurity Act of 2012 — would require DHS to assess risks in critical infrastructure and establish information-sharing standards between the public and private sectors.
Napolitano said the bill reflects "a growing awareness in a bipartisan way" that legislative action is urgently needed.
"We're hoping that that legislation is able to move to the floor of the Senate in the next month or so," Napolitano said.
She added, "Government, however, is going to be only one piece in this puzzle. Cyber is a shared responsbility ... We are networked. We are all in this together, literally, not just figuratively."