Cyber Security Conference
BLOOMBERG NEWS SERVICE
– April 18, 2000
By Katherine M. Reynolds
Washington, April 18 –
Microsoft Corp., JCPenney Co., IBM Corp., and other companies
are spending more money to guard against computer hackers,
executives said at a White House conference aimed at finding
ways to beef up the security of electronic commerce.
Concerns about security
breaches have prompted companies to boost technology spending
to 3, 4 or 5 percent of their operating budgets, up from about
1 percent, said Richard Clarke, President Bill Clinton's
coordinator for infrastructure protection.
will have to make the adequacy of their information technology
systems an absolute central priority in terms of the
management of business risk," Treasury Secretary Lawrence
Summers told the conference.
The government needs to work
with companies to develop the best ways to protect information
technology, an industry that generates $800 billion a year for
the U.S. economy, White House Chief of Staff John Podesta said
at the first of six conferences on computer security.
Company and government
officials focused today on how to stop the spread of computer
viruses and avert the kind of attacks that earlier this year
temporarily disabled Web sites of Yahoo! Inc., Amazon.com Inc.
and E*Trade Group Inc.
Other incidents included the
theft and online posting of customer credit card numbers from
online retailer CD Universe, and user passwords being pilfered
from a California Internet service provider controlled by SBC
The attacks on Yahoo and other
companies will end up costing more than $1.2 billion in
losses, missed revenue and security upgrade expenses, Yankee
Companies' efforts to protect
themselves could mean work for consultants like Arthur
Andersen and security software makers such as Check Point
Software Technologies Ltd. and VeriSign Inc.
Microsoft employs 50 full-time
people focused on information security, up from seven
employees two years ago, chief information security officer
Howard Schmidt said. The company buys 70 percent of its
security software from outside companies and uses the big six
accounting firms to assess its systems, Schmidt said.
On top of anti-virus software
and firewalls, IBM has devoted resources to testing its
systems for flaws, said J. Bruce Harreld, IBM's senior vice
president for strategy. "Today's strategy needs to be
much more holistic," he said.
J.C. Penney has hired
consultants and stepped up spending on software to guard
against attacks that could disrupt business, reveal
confidential information or hurt the company's reputation,
chief information officer David Evans said. The company
expects $300 million in revenue from Internet-related business
this year, up from $100 million the previous year, Evans said.
Financial services companies
have decided to establish a center to share information about
Internet-related threats and problems, and the Treasury
Department supports this effort, Summers said.
A broader network of companies
from manufacturing, technology and other sectors gathered in
New York City in December and February to brainstorm about
security measures, Microsoft's Schmidt said.
"Within the CIO community
there is really open dialogue, especially around
viruses," said Francis D. Dramis Jr., chief information
and eCommerce officer at BellSouth Corp.. "We're relying
on word of mouth."
BellSouth discovered 30,000
points of access for a potential wrongdoer when assessing its
network recently, Dramis said.
More Federal Money
Clinton is already asking
Congress to provide more money to combat computer sabotage.
He's seeking $138 million in fiscal 2001, which begins Oct. 1,
for Justice Department efforts to crack down on computer
crimes. That's a 28 percent increase from this year.
The president has also proposed
doubling the U.S. research and development budget for
information technology to $2 billion from $1 billion in the
current fiscal year, Clark said.
The administration doesn't plan
to impose new security rules on private companies, but will
try to facilitate information- sharing, research and education
about the issue, officials said. "This is the first time
in American history that the federal government alone cannot
protect the infrastructure," Commerce Secretary William
Yet companies shouldn't worry
so much about security that they lose out on opportunities
available on the Internet, said Jacqueline K. Wagner, general
auditor at General Motors Corp.
"There is an acceptable
level of risk that each corporation must accept in order to
compete in the marketplace," Wagner said.