[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Fwd: Re: Update on Letter to President (Critical Infrastructure Defense)]



Colleagues,

Much has happended since this last update.  The volunteer panel of 12
folks reviewed the plan and met with Dick Clarke on 18 September.
Our bottom line was that the plan contained useful ideas and was
probably necessary, but definitely insufficient to thwart cyber war.  We
reiterated and elaborated  our recommendation for a vigorous program
to address the problem.  We learned that there is doubt among national
leadership that this is a significant national strategic threat.  So, we
added to our conclusion that it is urgent and critical to scientifically
analyze the national vulnerability in terms of scale, gravity, and validity.
We felt that the plan was not credible without such an analysis.

We sent written comments back to the White House with a summary
of our review.  We are going in on 14 Nov to brief the PCIPB to
try to convince them to quickly engage in the called-for analysis so
that we can get our premises agreed upon.  Once that happens, there
will be little doubt that a Manhattan-style project is called for.

As part of the meeting of the panel, we decided to form a standing
group called the Professionals for Cyber Defense that basically continues
the process that we all started in signing the letter to the President.
In summary, the charter of the group is to help the govt form sound
Cyberspace defense policy.  Membership is currently restricted to
a subset of the signers of the letter, but will be opened up to small
extensions soon.  Members are individually-acting citizens working
in the best interests of national security.  We have some more
detail on a website at www.uspcd.org.

I know I asked in a previous email for a show of e-hands (via email)
of those who want to sign-up to the group.  I appreciate the responses.
I ask, now that the group is
formed and folks have a bit more detail, to say again whether you
sign-up.  Membership duties are not expected to be heavy.  We
expect folks mostly to participate on review panels like the one
described above, from time to time.

The following is a list of folks who said previously that they would
join such a group (starred names are those that were on the
panel that reviewed the strategy and have already actively
affirmed membership).  I will assume folks named below
are in PCD unless you tell me otherwise.  I will assume those
not named below are NOT in the PCD unless you tell me
otherwise.  For those folks who elect not to join, I will cease
further updates in the interest of not unintentionally spamming
anyone's mailbox who is not interested.  If you join and do NOT
want your membership to be made public (posted on our
website), please indicate that in your response.  Thanks.

1 *Balzer Bob
2 Benzel Terry
3 *Berson Tom
5 Carlson Curt
6 Cybenko George
7 Davis John
10 *Feiertag Rich
12 Frazier Tiffany
14 Haigh Tom
17 Kent Steve
18 Keromyitis Angelos
19 Langston Marv
21 *Lincoln Pat
22 Lowry John
23 Lukasik Steve
24 Luckham David
27 Maxion Roy
30 *McHugh John
33 Neumann Peter
35 *Novak Roger
36 *Ott Allen
37 Paige Mike
38 Paxson Vern
39 Porras Phil
41 *Rho Sue
42 *Robinson Art
43 Sastry Shankar
44 *Saydjari Sami
47 Schumann Larry
48 Smith Jonathan
49 Stolfo Sal
50 *Tinnel Laura
51 Tygar Doug
52 *Williams Ken



Sami Saydjari wrote:

> -------- Original Message --------
> Subject: Re: Update on Letter to President (Critical Infrastructure Defense)
> Date: Fri, 23 Aug 2002 16:33:35 -0500
> From: Sami Saydjari <ssaydjari@xxxxxxxxxxx>
> Organization: SRI International
> To: Bob Balzer <bbalzer@xxxxxxxxxxxxxxx>,Terry Benzel <Terry_Benzel@xxxxxxx>,Tom Berson
> <berson@xxxxxxxxxxx>,George Robert Blakley III <blakley@xxxxxxxxxx>,sal@xxxxxxxxxxxxxxx, Curt
> Carlson <curt.carlson@xxxxxxx>,George Cybenko <gvc@xxxxxxxxxxxxx>,John Davis
> <john.davis@xxxxxxxxxxxx>,Matt Donlon <mdonlon@xxxxxxxxxxxx>, Roy Maxion <maxion@xxxxxxxxxx>,Dave
> Farber <dave@xxxxxxxxxx>,Richard Feiertag <Richard_Feiertag@xxxxxxx>,Edward Feigenbaum
> <feigenbaum@xxxxxxxxxxxxxxx>,Tiffany Frazier <tiffany.frazier@xxxxxxxxxxxxxxxx>,"Seymour E. Goodman"
> <goodman@xxxxxxxxxxxxx>,Tom Haigh <haigh@xxxxxxxx>,"Heimerdinger, Walt (MN65)"
> <heimerdinger_walt@xxxxxxxxxxxxxxxxx>,pmh116207@xxxxxxx, Steve Kent
> <STK@xxxxxxx>,angelos@xxxxxxxxxxxxxxx,Marv Langston <MARVIN.J.LANGSTON@xxxxxxxx>,Karl Levitt
> <levitt@xxxxxxxxxxxxxx>,PATRICK D LINCOLN <LINCOLN@xxxxxxxxxxx>,John Lowry <jlowry@xxxxxxx>,
> lukasiks <steve@xxxxxxxx>,David Luckham <luckham@xxxxxxxxxxxx>, rtmarsh@xxxxxxx,"McConnell, Mike"
> <McConnell_JM@xxxxxxx>,John McHugh <jmchugh@xxxxxxxx>, mayfield@xxxxxxx,Rod Moore
> <RMoore@xxxxxxxxxxx>, chuck.morefield@xxxxxxxxxxxxx,Peter Neumann <neumann@xxxxxxxxxxx>, Cliff
> Neuman <bcn@xxxxxxx>,Roger Novak <roger@xxxxxxxxxxxxxxx>, Allen Ott <aott@xxxxxxxxxxx>,Michael Paige
> <mpaige@xxxxxxxx>, "Paxson, Vern" <vern@xxxxxxxx>,porras <porras@xxxxxxxxxxx>, Marcus Ranum
> <mjr@xxxxxxx>,"Rho, Sue" <Sue_Rho@xxxxxxx>,"Arthur S. Robinson" <art.robinson@xxxxxxxx>,Shankar
> Sastry <eecs-chair@xxxxxxxxxxxxxxxxx>,Fred Schneider <fbs@xxxxxxxxxxxxxx>,Gregg Schudel
> <gschudel@xxxxxxxxx>,Larry Schumann <ljschumann@xxxxxxxxxxxx>,"Jonathan M. Smith"
> <jms@xxxxxxxxxxxxxxxxxxxxx>,Laura Tinnel <ltinnel@xxxxxxxxxxxxxxx>,"Tygar, Doug"
> <tygar@xxxxxxxxxxxxxxx>,Ken Williams <kwilliams@xxxxxxxxxxx>,Wright Larry
> <wright_larry@xxxxxxx>,"Woolsey, Jim" <JWoolsey@xxxxxxxxxxxxxxx>,"Markowitz, Joe"
> <markowitz@xxxxxxxxxxx>
> References: <3CCEFAC3.7151314B@xxxxxxxxxxx> <3CEC03C1.F5E6583C@xxxxxxxxxxx>
> <3D53CADF.1568A762@xxxxxxxxxxx>
>
> Folks,
>
> The workshop is on and so is the standing entity,
> "Professionals for Cyber Defense."
>
> The current plan is that those who can attend a
> workshop out at Stanford on the 17th, will get
> a copy of the national plan "n" days in advance
> and we need to actively review it and come to
> the table with a few comments/impressions,
> especially with respect to how it might be
> improved toward a Cyber Manhattan Project
> like activity.  We then share our perspectives.
> then try to consolidate them by the end of the
> 17th.  We then meet with Mr. Clarke on the
> afternoon of the 18th (probably 3-5pm,
> but I am still trying to lock that in).
>
> About 25 of us gave a tentative "yes"
> to the workshop.  I suspect that about
> 5-10 will likely drop out because of
> last-minute conflicts and such, so I expect
> there to be about 15-20 of us there.  I
> was unable to get any funding to support
> this particular trip (time was just too short).
> So, this may cut down the group further.
> Please confirm your plan to attend by
> reply to this email.  This is now solid
> enough to buy tickets.
>
> About 31 of us said "yes" to a standing
> group, depending somewhat on the charter.
> I think that is enough to simply create it
> as of now.  The rough charter is that
> the group is simply a professional
> advocacy group to help guide the govt
> toward sound policy and strategy in
> matters of cyber defense.  There is no
> intention of seeking funding for research
> projects of any kind.  Any funding sought
> (probably from foundations) will be to
> simply defray some of the voluneteers
> costs in contributing to the group.
>
> The default name for the group is
> "Professionals for Cyber Defense" unless
> someone violently objects and comes
> up with a better name.
>
> We still need a volunteer with connections
> to a legal expertise to form the non-profit
> entity, so raise your hand if you are willing.
> We can still form and exist immediately.
> We will form a formal non-profit under
> it as soon as we are able.  That will be
> needed to facilitate funding.
>
> OKay, enough for now.  Thanks for you
> help and quick response.  I am going
> on vacation tomorrow until 2 Sept, but I
> will be reading email if you need to get ahold
> of me.
>
> -Sami
>
> Sami Saydjari wrote:
>
> > Folks,
> >
> > This is a status update.  Two questions are embedded below.
> > Please respond to the questions.
> >
> > The President's initiative to create a Department of Homeland
> > Security (DHS) has fully occupied Washington for the past weeks and
> > has distracted from a fuller and more timely reaction to our urging.
> >
> > My general impression is that there is no immediate intention to
> > move on creating a Cyber Manhattan Project.  At the same time,
> > the  White House seems to be open to the idea as one
> > possibility.  They seem to see the new DHS as a vehicle for
> > executing any such possibility.  They have worked hard to set
> > up a distinct entity within DHS to focus on cyber security and
> > bring together several current organizations that are currently
> > investing in cyber defense research.  That
> > is certainly an important step.
> >
> > The White House, Dick Clarke's Office in particular, is interested
> > in co-sponsoring a workshop with a subset of the signers of the
> > letter to review the national cyber defense plan and discuss ways
> > in which the plan moves us closer to a Cyber Manhattan Project
> > and ways that it falls short.  The idea would be to hold such a
> > workshop coincident with the release of the national plan which
> > is currently schedule for 18 Sept at Stanford University.  Please
> > let me know if you are potentially interested in participating.
> > At the moment, it appears it would be pro bono, but I am
> > working on potential funding sources.  So, let me know whether
> > your interest depends on being funded to come.  Dick Clarke's
> > office sees this as the follow-up suggested in their response to
> > our letter.
> >
> > Also, I would to have a show of hands as to who would be
> > interested in forming a non-profit (5013C) organization to create
> > a standing body of folks to provide continuing independent
> > advice and counsel to the goverment on cyber defense issues.
> > This would be a unique entity in that it would be an independent
> > professional group with no direct commercial interests and thus
> > would have quite a bit of credibility with Congressional folks
> > and the executive agencies.  I am thinking of a fairly low-intensity
> > activity level where a subset of us would meet once a quarter
> > or perhaps twice a year to review government progress and
> > offer advice on course adjustments.  Again,  it is not clear how
> > we would fund this beyond volunteerism.  There is some small
> > possibility for nominal funding, but we can not count on it.  So,
> > when you raise your hand, please let me know if your interest
> > depends on funding.  The benefit to us would be that we would
> > have a standing voice, and perhaps a stronger voice as a block
> > than we each would have individually.
> >
> > -Sami
> >
> > Sami Saydjari wrote:
> >
> > > Folks,
> > >
> > > (1) In support of pending bills up for authorization which might
> > > be supportive of jump-starting a Cyber Manhattan style
> > > project, I released the letter to key congressional
> > > leaderhship and a few agency agency heads who would
> > > likely be stake-holders in any such large-scale effort.
> > > This is all part of the process that is  necessary to initiate the
> > > types of actions we urge. The full distribution list is included below.
> > >
> > > (2) The White House has formally replied to our letter.  The
> > > letter acknowledges receipt and encourages us to engage in
> > > a continuing dialog to define a plan.  The exact way that will
> > > happen is yet to be determined, so I will keep you posted.
> > >
> > > (3) There are some errata I have from the first update note.
> > > (a) In general, I wanted to assure folks that I used the signature
> > > blocks they originally provided, not the associations that
> > > I put down in the list I sent in the last email update to y'all.
> > > I included those associations only as a means of more
> > > clearly identifying the signers to one another.  Sorry for the
> > > confusion.  (b) In the original list, I also made a couple
> > > of errors, so I fixed them at the bottom of this note.
> > > (c) I neglected to mention that David Luckham was the
> > > other key member of the study group I credited last time
> > > with the recommendation for a Manhattan-style project.
> > >
> > > (4) If anyone wants to have a copy of the letter FAXed
> > > to them, so they can see what it looks like....I would be
> > > glad to do so, just send me your FAX number.
> > >
> > > Distribution:
> > > Sen. Thomas Daschle
> > > Sen. Trent Lott
> > > Sen. Carl Levin
> > > Sen. John W. Warner
> > > Sen. Bob Graham
> > > Sen. Richard C. Shelby
> > > Sen. Ernest F. Hollings
> > > Sen. John McCain
> > > Sen. Joseph I. Lieberman
> > > Sen. Fred Thompson
> > > Sen. Patrick Leahy
> > > Sen. Orrin G. Hatch
> > > Sen. Robert C. Byrd
> > > Sen. Ted Stevens
> > > Sen. Robert F. Bennett
> > > Sen. Dianne Feinstein
> > > Sen. Charles E. Schumer
> > > Sen. John Edwards
> > > Sen. Jon Kyl
> > >
> > > Rep. J. Dennis Hastert
> > > Rep. Richard A. Gephardt
> > > Rep. Bob Stump
> > > Rep. Ike Skelton
> > > Rep. Porter J. Goss
> > > Rep. Doug Bereuter
> > > Rep. C.W. (Bill) Young
> > > Rep. David R. Obey
> > > Rep. Dan Burton
> > > Rep. Henry A. Waxman
> > > Rep. Sherwood L. Boehlert
> > > Rep. Gil Gutknecht
> > > Rep. F. James Sensenbrenner Jr.
> > > Rep. John Conyers Jr.
> > > Rep. Christopher Shays
> > > Rep. Tom Davis
> > > Rep. Stephen Horn
> > > Rep. Constance A. Morella
> > > Rep. J.C. Watts
> > > Rep. Christopher Cox
> > >
> > > Director, National Security Agency
> > > Director, Defense Advanced Research Projects Agency
> > > Director, National Science Foundation
> > > Secretary of Commerce
> > > Director, National Institute of Standards and Technology
> > > Secretary of Energy
> > > National Nuclear Security Administration, Under Secretary and Administrator
> > > Secretary of Defense
> > > Under Secretary of Defense for Acquisition, Technology and Logistics
> > > Under Secretary of Defense for Command, Control, Communications, and
> > > Intelligence
> > >
> > > >
> > > >
> > > > -------------------------------------------------------------------
> > > > List of Signers:
> > > > 1 Balzer, Bob,  Teknowledge
> > > > 2 Benzel ,Terry,  NAI
> > > > 3 Berson, Tom,  Anagram, Xerox Parc
> > > > 4 Blakely, Bob, IBM
> > > > 5 Carlson, Curt, SRI
> > > > 6 Cybenko, George, Dartmouth
> > > > 7 Davis, John, Mitre-Tek
> > > > 8 Donolon, Matt, ESP Group
> > >
> > > Should read: 8 Donlon, Matt, ESP Group
> > >
> > > >
> > > > 9 Farber, Dave, UPenn
> > > > 10 Feiertag, Rich, NAI
> > > > 11 Fiegenbaum, Ed, Stanford
> > > > 12 Frazier, Tiffany, Alphatek
> > > > 13 Goodman, Seymour ,Georgia Tech Info Sec Ctr
> > > > 14 Haigh, Tom, SCC
> > > > 15 Heimerdinger, Walt, Honeywell
> > > > 16 Hughes, Pat, PMH Enterprises
> > > > 17 Kent, Steve, BBN
> > > > 18 Keroymitis, Angelos, Columbia
> > > > 19 Langston, Marv, SAIC
> > > > 20 Levitt, Karl, UC Davis
> > > > 21 Lincoln, Pat, SRI
> > > > 22 Lowry, John, BBN
> > > > 23 Lukasik, Steve, SAIC
> > >
> > > Should read: 23 Lukasik, Steve, Consultant to SAIC
> > >
> > > >
> > > > 24 Luckham, David, Stanford
> > > > 25 Markowitz, Joe, Consultant
> > > > 26 Marsh,  Tom, General (Ret)
> > > > 27 Maxion, Roy, CMU
> > > > 28 Mayfield, Terry, IDA
> > > > 29 McConnell, Mike, BAH
> > > > 30 McHugh, John, SEI-CERT
> > > > 31 Moore, Rod, ZelTech
> > > > 32 Morefield, Charles, Alphatech
> > > > 33 Neumann, Peter, SRI
> > > > 34 Neuman, Cliff, USC-ISI
> > > > 35 Novak, Roger, Novak-Biddle
> > > > 36 Ott, Allen, Orincon Info Assurance
> > > > 37 Paige, Mike, Xerox Parc
> > > > 38 Paxson, Vern, Lawrence Livermore
> > >
> > > Should read: 38 Paxson, Vern, ICSI / LBNL
> > >
> > > >
> > > > 39 Porras, Phil, SRI
> > > > 40 Ranum, Marcus, NFR
> > > > 41 Rho, Sue, NAI
> > > > 42 Robinson, Art, STDC
> > > > 43 Sastry, Shankar, UC Berkely
> > > > 44 Saydjari, Sami, SRI
> > > > 45 Schneider, Fred, Cornell
> > > > 46 Schudel, Greg, Cisco
> > > > 47 Schumann, Larry, EnterpriseTec
> > > > 48 Smith, Jonathan, Upenn
> > > > 49 Stolfo, Sal, Columbia
> > > > 50 Tinnel, Laura, Teknowledge
> > > > 51 Tygar, Doug, UC Berkely
> > > > 52 Williams, Ken, ZelTech
> > > > 53 Woolsey, R. James, Shea and Gardner
> > > > 54 Wright, Larry, BAH
> > > >
> > > >   ------------------------------------------------------------------------
> > > >                        Name: ssaydjari.vcf
> > > >    ssaydjari.vcf       Type: VCard (text/x-vcard)
> > > >                    Encoding: 7bit
> > > >                 Description: Card for Sami Saydjari
> > >
> > > --
> > > ---
> > > SRI Cyber Defense Research Center - "Creating effective
> > > cyber defenses for high-value systems"
> > >
> > > O. Sami Saydjari
> > > SRI Computer Science Laboratory
> > > 3601 43rd Street South
> > > Wisconsin Rapids, WI 54494
> > > ssaydjari@xxxxxxxxxxx
> > > Phone: 715-424-2642
> > > Fax:   715-424-2638
> > >
> > >   ------------------------------------------------------------------------
> > >                        Name: ssaydjari.vcf
> > >    ssaydjari.vcf       Type: VCard (text/x-vcard)
> > >                    Encoding: 7bit
> > >                 Description: Card for Sami Saydjari
> >
> > --
> > ---
> > SRI Cyber Defense Research Center - "Creating effective
> > cyber defenses for high-value systems"
> >
> > O. Sami Saydjari
> > SRI Computer Science Laboratory
> > 3601 43rd Street South
> > Wisconsin Rapids, WI 54494
> > ssaydjari@xxxxxxxxxxx
> > Phone: 715-424-2642
> > Fax:   715-424-2638
> >
> >   ------------------------------------------------------------------------
> >                        Name: ssaydjari.vcf
> >    ssaydjari.vcf       Type: VCard (text/x-vcard)
> >                    Encoding: 7bit
> >                 Description: Card for Sami Saydjari
>
> --
> ---
> SRI Cyber Defense Research Center - "Creating effective
> cyber defenses for high-value systems"
>
> O. Sami Saydjari
> SRI Computer Science Laboratory
> 3601 43rd Street South
> Wisconsin Rapids, WI 54494
> ssaydjari@xxxxxxxxxxx
> Phone: 715-424-2642
> Fax:   715-424-2638

--

Cyber Defense Agency, LLC - Defending Critical Cyberspace

O. Sami Saydjari
Cyber Defense Agency
3601 43rd Street South
Wisconsin Rapids, WI 54494
ssaydjari@xxxxxxxxxxxxxxxxxxxxxx
Phone: 715-424-2642
Fax:   715-424-2638

begin:vcard 
n:Saydjari;O. Sami
tel;fax:715-424-2638
tel;work:715-424-2642
x-mozilla-html:FALSE
org:Cyber Defense Agency, LLC
adr:;;3601 43rd Street South;Wisconsin Rapids;WI;54494;
version:2.1
email;internet:ssaydjari@xxxxxxxxxxxxxxxxxxxxxx
title:President
fn:O. Sami Saydjari
end:vcard