[Paleopsych] CHE: Panel Urges Government to Increase Spending on the Study of Cybersecurity

Premise Checker checker at panix.com
Sun Feb 6 16:34:37 UTC 2005 

Panel Urges Government to Increase Spending on the Study of Cybersecurity
The Chronicle of Higher Education, 5.1.28
http://chronicle.com/weekly/v51/i21/21a03801.htm

    By ANDREA L. FOSTER

    Washington
    The federal government is not adequately supporting long-term research
    into protecting the nation's technology infrastructure from terrorist
    attacks, according to a report that a presidential advisory committee
    has approved.
    The report, from the President's Information Technology Advisory
    Committee, concludes that networks supporting the country's financial,
    utility, telecommunications, transportation, and defense systems are
    "highly vulnerable to terrorist and criminal attacks." The report
    recommends, among other things, that the federal government provide
    more money for research and that it encourage university students to
    study cybersecurity.
    The report is scheduled to be given to President Bush first and to be
    released to the public by early March. But the report's key findings
    and recommendations were made public this month in a presentation that
    the advisory committee's cybersecurity panel made to the full
    committee. The 24-member committee, which includes university and
    industry scientists, endorsed the cybersecurity panel's final draft.
    "We hope that by raising the issue and providing some of the
    documentary evidence that we have that people will take this seriously
    and attempt to address it in some meaningful way," said Eugene H.
    Spafford, a member of the subcommittee that prepared the report. He is
    a computer-science professor at Purdue University and executive
    director of the university's Center for Education and Research in
    Information Assurance and Security.
    In many ways the report echoes the views of the Computing Research
    Association, which in July told the cybersecurity panel that the
    government needed to spend more on cybersecurity research and
    development. The association represents computer scientists in academe
    and in industry.
    Looking to Others
    Federal agencies assume that other agencies will provide money and
    grants for research on cybersecurity, the new report says, but no
    agency is doing enough.
    The Department of Homeland Security, for example, assumes that
    industry and the National Science Foundation will provide support for
    cybersecurity research, according to the cybersecurity panel. And the
    Defense Advanced Research Projects Agency assumes that the science
    foundation will take up responsibility. The report recommends that the
    Defense Department and the Department of Homeland Security provide
    more money for research on civilian cybersecurity.
    The report says that researchers are discouraged from applying for
    cybersecurity grants through the Defense Department agency because it
    is focused on providing money for short-term projects that can show
    results in 12 to 18 months. Also, the agency's programs are
    increasingly classified, excluding most colleges and universities from
    participation, the report states.
    The Cyber Trust, set up by the science foundation to provide grants
    for cybersecurity research, has supported only 8 percent of the
    proposals it has received, although a quarter of the proposals were
    worthy of support, the report states. It recommends that the science
    foundation's cybersecurity budget be increased by $90-million a year.
    The report observes that fewer than 250 faculty members in the United
    States are actively involved in cybersecurity research. The federal
    government should step up its recruitment of cybersecurity researchers
    and students so that the number of scientists in the field doubles by
    the end of the decade, the report says.
    Mr. Spafford said that universities are not paying enough attention to
    cybersecurity research, in part because the field "doesn't fit neatly
    within the traditional department." Besides computer engineering and
    computer science, he said, information security "touches on many other
    academic disciplines and draws from them," including management,
    philosophy, and political science.

More information about the paleopsych mailing list