key federal cyber security organizations would be subsumed by the new
Department of Homeland Security, under the sweeping proposal announced by
President Bush on Thursday to create the cabinet-level agency.
The Critical Infrastructure Assurance Office (CIAO), now part of the
Commerce Department, the Pentagon's National Communication System (NCS), the
Department of Energy's National Infrastructure Simulation and Analysis
Center and the GSA's Federal Computer Incident Response Center (FedCIRC)
would also join the new department.
The various organizations would bring their existing resources with them to
form a $364 million "Information Analysis and Infrastructure Protection"
division staffed with 976 people. It would be the smallest of four
divisions in the new Department of Homeland Security.
"The speed, virulence, and maliciousness of cyber attacks have increased
dramatically in recent years," the White House proposal reads.
"Accordingly, the Department of Homeland Security would place an especially
high priority on protecting our cyber infrastructure from terrorist attack."
Bush announced the proposal for the new department in a nationally
televised address Thursday night. It would consist entirely of existing
organizations cherry-picked from other parts of the federal government, and
would take over the U.S. Secret Service, the Customs Service, INS and the
Coast Guard. In all, it would inherit 169,154 employees and $37.45 billion
from the agencies it absorbed.
The proposal must
now be weighed by the 88 congressional committees and subcommittees that
oversee the existing agencies.
Cyber security has held a prominent place in the administration's reaction
to the September 11 terrorist attacks. In October, Bush issued an executive
order that created a Critical Infrastructure Protection Board, chaired by
former NSC counter-terrorism czar Richard Clarke, and inaugurated a
30-member National Infrastructure Advisory Council consisting of CEOs,
academicians and local government representatives that advise the president
on infrastructure security. By Kevin Poulsen