Secretary of the US Department of Homeland Security Tom
Ridge has released the final versions of the US government's
national strategies to defend critical infrastructures from cyber
and physical attack.
As the nation remained at code Orange - the second-highest level
of alert - Ridge said the two strategy documents are critical to
the future planning of US security.
The national strategy to secure cyberspace and the national
strategy for the physical protection of critical infrastructures
and key assets will help guide governments and businesses in their
efforts to defend the US from terrorism.
One of the first priorities will be to establish a national
cyberspace security response system that will enable the government
to co-ordinate with the private sector on analysis, warning,
incident management and recovery efforts stemming from a
co-ordinated cyberattack against the US.
Howard Schmidt, acting chairman of the Critical Infrastructure
Protection Board, said a major thrust of the cyberdefence strategy
is to work with the private sector to reduce the nation's
vulnerability to attack.
In addition, the homeland security department is considering a
cybersecurity alert system that would work with the overall
Homeland Security Alert System.
The final version of the strategy, however, does not mention
regulating the private sector to force improvements in
security.
Bob Stephan, the department's information analysis specialist,
said regulation could be an option for some industries, such as
chemical manufacturing, where the threat to public health and
safety is particularly acute.