Shows & Panels
- AFCEA Answers
- Ask the CIO
- The Big Data Dilemma
- Carrying On with Continuity of Operations
- Connected Government
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Cyber Imperative
- Cyber Solutions for 2013 and Beyond
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Expert Voices
- Federal Executive Forum
- Federal IT Challenge
- Federal Tech Talk
- Mission-critical Apps in the Cloud
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- The Real Deal on Digital Government
- The Reality of Continuous Monitoring... Is Your Agency Secure?
- Veterans in Private Sector: Making the Transition
Shows & Panels
White House, DHS, Commerce release cyber 'code of conduct'
Wednesday - 5/30/2012, 4:40pm EDT
The Industry Botnet Group (IBG) — coordinated by the White House Cybersecurity Office and the Departments of Commerce and Homeland Security — has posted nine broad principles in fighting botnets, including coordination of cyber responsibilities across sectors and reporting lessons learned.
"I think like many things in cybersecurity, this is much larger than one company, any specific country, any specific government or individual," said Howard Schmidt, the White House's cyber coordinator, at an event today at the White House, addressing industry groups. "That's why it's so important we get it right."
Botnets consist of infected computers controlled remotely, turning the computer into a "bot" or "zombie." The computers are then used to attack websites and distribute more malware. Schmidt said about 1 in 10 computers in the United States are infected.
The code of conduct released today "charts a new course for all multi-stakeholders to implement an industry-wide, nationally-focused and globally-aware plan to address botnet threats," Schmidt said.
The code also endorsed flexibility in addressing cyber threats and promoted innovative approaches.
The IBG was formed in September 2011 after Commerce and DHS issued a request for information on the best ways to combat botnets.
"This partnership reminds me a little bit of a potluck dinner. We sent out the invitations and provided a nice venue, and you did all the cooking," said Patrick Gallagher, the director of Commerce's National Institute of Standards and Technology.
Government partners today also outlined other botnet-combatting initiatives. For example, NIST is offering a workshop to define, measure and assign roles and responsibilities in fighting botnets. It was the first workshop of its kind from NIST to create a "technical toolbox" to address the botnet problem, Gallagher said.
Several IBG members are also launching today a campaign called Keep a Clean Machine, a public education campaign.
The agency and industry efforts won't be enough, however, without a legislative framework, said DHS Secretary Janet Napolitano.
The Senate is considering a long-awaited comprehensive cybersecurity bill. The proposal — known as the Cybersecurity Act of 2012 — would require DHS to assess risks in critical infrastructure and establish information-sharing standards between the public and private sectors.
Napolitano said the bill reflects "a growing awareness in a bipartisan way" that legislative action is urgently needed.
"We're hoping that that legislation is able to move to the floor of the Senate in the next month or so," Napolitano said.
She added, "Government, however, is going to be only one piece in this puzzle. Cyber is a shared responsbility ... We are networked. We are all in this together, literally, not just figuratively."