Billions needed for proper IT security

The president of the Information Technology Association of America (ITAA), an industry group representing more than 500 IT...

The president of the Information Technology Association of America (ITAA), an industry group representing more than 500 IT companies around the US, has said that at least $10bn in federal funding is needed to ensure adequate cyber defences.

Speaking at a conference co-sponsored by the Center for Strategic and International Studies, Harris Miller, president of the ITAA, said that the Bush administration and Congress needed to "put some real dollars on the table" to strengthen US information security.

"I personally think $10bn in federal spending, grants and loans is needed to get the job done," said Miller.

Miller proposed that the US government should provide $4bn in loans to small- and medium-sized businesses to allow for increased training and tools to harden IT systems and lessen the impact of cyber attacks on businesses.

He also called on the government to pump $3bn into grants that would fund upgrades to critical systems at state and local government level, and to increase information security training for state and local officials.

Miller also urged the government to include $2.5bn in its 2002 budget to upgrade federal systems and security and increase the amount of IT security education and training offered to government employees. He added that $500m in grants should be made available to public and private universities to establish more IT security programmes at the graduate level.

Duane Andrews, a former assistant secretary of defence for command, control, communications and intelligence, now serving as executive vice-president of Science Applications International, echoed Miller's call for new investments in IT security.

Andrews said that no new money was available for additional work that needed to be done on homeland security, and that any new programmes would have to be paid for by taking funding away from existing programmes in other agencies.

"Finally, we are treating terrorism as an act of war, and I think that is going to help us in the cyber area," Andrews said. "We know there are terrorists who will do anything to further their cause, but we still don't adequately prepare."

Read more on Antivirus, firewall and IDS products