U.S. Department of State
U.S. Department of State
Other State Department Archive SitesU.S. Department of State
U.S. Department of State
U.S. Department of State
U.S. Department of State
U.S. Department of State
U.S. Department of State
U.S. Department of State
Home Issues & Press Travel & Business Countries Youth & Education Careers About State Video
 You are in: Under Secretary for Democracy and Global Affairs > Diplomacy Through Science, Technology and Innovation > Releases > 2001

Critical Infrastructure Protection: International S&T Cooperation after September 11

Dr. Norman P. Neureiter, Science and Technology Advisor to the Secretary
Remarks to IST 2001 Technologies Serving People Conference
Dusseldorf, Germany
December 3, 2001

Thank you for inviting me here today. I want to congratulate the Information Society Technologies Directorate for organizing this event and bringing together this stellar array of scientists and researchers, technical experts and policy makers. It is a pleasure for me to address this distinguished audience, particularly on a topic as vital to our contemporary world as transatlantic science and technology (S&T) cooperation in the area of critical infrastructure protection (CIP).

Some four years ago, at the first joint consultative group meeting under the U.S.-EU Science and Technology Agreement, there was created a special CIP task force. The purpose of this task force was to enhance the security of infrastructures by identifying, developing, and facilitating technical and policy solutions to existing and emerging threats and vulnerabilities.

Since the task force was launched there has been a series of workshops and conferences resulting in cooperative exchanges between scientists from U.S. technical agencies and their counterparts in EU research organizations. We are off to a good start. But these are big issues -- very complex and broad in scope. It is very important that the U.S.-EU CIP Task Force continue to mobilize researchers on both sides of the Atlantic to develop viable solutions to this challenge. I welcome the opportunity today to demonstrate my personal support for this effort.

September 11 and Homeland Security

It is obvious that the tragic events of September 11th made painfully clear the urgency with which we must address these CIP challenges. It is one essential component of a broader effort to protect our nations against modern suicidal terrorism.

So, let me start this afternoon by describing the actions the Bush Administration is taking to augment American CIP efforts after September 11; then to note how science and technology fit into the overall strategy; and finally to suggest that international cooperation to address CIP is an even greater imperative than before.

Organizing to Address Future Threats

Soon after September 11, President Bush declared that protection of U.S. critical infrastructures is essential to the nationís economic and national security and would be a top priority of his administration. On October 8th he signed an executive order establishing the Office of Homeland Security and the Homeland Security Council, and also appointed Pennsylvania Governor Tom Ridge as Assistant to the President for Homeland Security.

Governor Ridgeís job is enormous. It is like being a domestic version of the National Security Advisor. In the broadest sense he must develop and assure the implementation of a comprehensive national strategy to protect the U.S. against terrorist threats and attacks. To do so, he must coordinate all efforts of the executive branch to detect, to prepare for, to prevent, to protect against, to respond to, and, to recover from terrorist attacks inside U.S. borders.

The Office of Homeland Security will have to coordinate and focus information and resources from dozens of agencies including the FBI, the CIA, the National Guard, and state and local law enforcement and emergency authorities.

As I said, the President also established the Homeland Security Council. This Council includes President Bush and Vice President Cheney and other senior officials from the executive branch. Its role is to ensure coordination of homeland security-related activities among executive departments and agencies and to promote effective development and implementation of all homeland security policies.

Under this Council the President also established, among other things, eleven Homeland Security Council Policy Coordination Committees (PCCís). It is noteworthy that one of these PCCís will focus on research and development.

Dr. John Marburger, who was recently appointed as the Presidentís Science Advisor and Director of the White House Office of Science and Technology Policy, has been asked to provide advice and support to this newly created PCC. Dr. Marburger has begun a series of meetings among chief science officials throughout government to share information on research activities relevant to homeland security, infrastructure protection and counterterrorism. He has also established a strong link with the National Academies of Sciences, Engineering and Medicine, to draw on the expertise of our academic and non-government research community. It is remarkable how the U.S. scientific community has responded to this challenge. The Academies, the universities, and professional scientific societies all want to help. In fact, my office at the Department of State has also been involved in establishing links to the outside S&T community in support of our own offices of Counterterrorism, Political Military Affairs, and Consular Affairs that have responsibilities related to homeland security.

It is very clear to me that this Administration appreciates the contributions that science can make towards countering terrorism and Dr. Marburger has assumed a leadership role in bringing S&T to bear on this challenge.

Critical Infrastructure Protection

There is also another executive order, which addresses more specifically the cyber challenge that we all face. It was issued by President Bush on October 16th. It is called Critical Infrastructure Protection in the Information Age and replaces Presidential Decision Directive 63, which was signed by President Clinton in 1996. The new executive order establishes the Presidentís Critical Infrastructure Protection Board. This Board is responsible for recommending policies and coordinating programs that relate to critical infrastructures, including emergency preparedness for communication systems and the physical assets that support such systems.

The Boardís work is carried out by several standing committees, two of which are particularly relevant to the science community -- one for Research and Development and the other for Infrastructure Interdependencies.

The chairman of this new CIP Board is Richard Clarke, Special Advisor to the President for Cyberspace Security, who is also a member of the Homeland Security Council that I mentioned earlier. As many of you know, he has been involved in these matters at the White House for some twelve years.

Within the Department of State, Secretary Powell has named John Bolton, Under Secretary for Arms Control and International Security, as his representative to this Board.

The Research and Development Committee is chaired by a member of Dr. Marburgerís staff in the Office of Science and Technology Policy. Some 20 federal departments and agencies participate in this committee, whose objective is to ensure that U.S. critical infrastructures are "trustworthy" and "resilient", terminology familiar to those of you working in the European Dependability Initiative. This committee promotes and coordinates research to reduce vulnerabilities in the nationís critical infrastructure and to develop technologies that will detect, contain, and mitigate attacks against these infrastructures.

The establishment of the Infrastructure Interdependency Committee, which is just being organized, reflects the fact that national infrastructures have become more tightly coupled and that disruptions have a greater potential to cascade throughout the economy. As you specialists are well aware, our current state of understanding is limited; we do not yet have a fundamental comprehension of the interdependency issue. The level and intensity of research and development in this area is growing but is still insufficient.

Combining the Public/Private Effort

Critical infrastructures -- such as food and water supplies, energy and road transport, power generation and transmission, and the information network -- are not controlled and certainly are not owned by governments alone. Thus, our effort to organize and implement an effective protection strategy is only possible if government (at all levels) and the private sector work together. This is particularly critical in the U.S. telecommunications sector where over 90% of the assets are owned and controlled by private companies.

In that context, on September 30, 2001, President Bush signed Executive Order 13226 to re-establish the Presidentís Council of Advisors on Science and Technology (PCAST). The first President Bush originally established PCAST in 1990 to enable the President to receive advice from the private sector and academic community on technology, scientific research priorities, and math and science education.

PCAST follows a tradition of Presidential advisory panels on science and technology dating back to Presidents Eisenhower and Truman. The Presidentís Science Advisor, Dr. Marburger, serves as PCAST co-chair. The twenty-two distinguished council members are appointed by the President from industry, academia, and other non-governmental organizations. Already in March President Bush had named Floyd Kvamme, one of the countryís major IT entrepreneurs, as the non-government co-chairman of the PCAST. The first PCAST meeting of the new administration will be held very soon, and certainly critical infrastructure protection will be prominent on the agenda.

International S&T Coalitions are Imperative

Many of the problems the United States faces with regard to CIP are not unique. One need only pick up a newspaper to read about regular disruptions of major systems, and particularly about cyber attacks all over the world. How did this come to be?

During the past fifteen years, diffusion of information technologies, computers and automated systems and devices has grown exponentially -- representing the dawn of the Information Age and a great surge of high technology industry. The IT era is one of intensely rapid change, where core business processes and technologies are constantly changing in search of competitive advantages and efficiencies.

These same advances, however, have created new vulnerabilities to equipment failures, human error, natural causes and, most recently, cyber attacks. Consequently, assuring the safety of the information systems that are ubiquitous and underlie our respective national and global critical infrastructures can only be accomplished through an integrated, cooperative research strategy between governments and the private sector. This strategy, of course, must have its foundation in science and technology. Getting this strategy in place, unfortunately, is not so simple, but it must be done.

Last year in the Indian Treaty Room of the Old Executive Office Building next to the White House, there was a meeting of academic professionals involved in CIP education. Many of these professors are the same individuals who perform research. I am sure most of you have not seen the Indian Treaty Room, but let me tell you that it is not very large. And the bad news is that even this small room was not crowded. At a recent meeting of the U.S. National Academy of Engineering, President William Wulf pointed out that in the U.S. today, approximately thirty-five thousand researchers and students are concentrating on computer graphics and engineering design, fields that are critical to control room and aircraft simulators, manufacturing and construction, as well as Hollywood special effects and magic. Dr. Wulf went on to say that fewer than one hundred people are concentrating on cybersecurity research.

The point is that the United States research community addressing CIP issues is totally inadequate. I am sure this is also the case in the EU. While there are pockets of significant research, the number of people we have in total is not nearly as large as it needs to be. That is where education comes in. We need more training in cybersecurity.

It is this shortage of people that makes international collaboration an even greater imperative. We need to combine our small numbers. And because cyber systems are global and since we all face the same problems, CIP and cybersecurity are issues which demand international S&T collaboration and coordination. We cannot solve the global challenges in one country. We need to work on them together.

Where Do We Go From Here?

The U.S. and EU recognized some three years ago that going it alone in this fight is simply not an option. But cooperation among governments alone is not enough. As I said before, we need partnerships with industry.

One of the most important roles of government in technology development and adoption is maintaining an environment conducive to private-sector innovation and investment. Many policies affect that environment, including policies on CIP and cybersecurity.

A recent report issued by the National Academy of Sciences, entitled "Preparing for the 21st Century," details how the technological landscape is changing. In the U.S., technology development and adoption occur through a complex system, that extends from government sponsored research and training at universities into private industrial labs and development of new technologies and new applications of old technologies to serve emerging global markets. At the same time, economic and technical interdependence among nations is growing, which creates new business opportunities. It opens the door to new markets, new technologies, and new sources of competition, which spur the creativity and productivity of our respective companies and workers.

This new technological landscape combined with a recognition noted earlier in this speech that private industry owns and operates most of the key infrastructure has led to increased efforts by the U.S. Government to stress that CIP is critical for corporate governance and risk management, and that effective CIP solutions cannot be realized without a true public/private partnership.

The U.S. government is now encouraging appropriate information sharing among the various infrastructure sectors and between the private sector and government at all levels. There are also actions being taken to encourage development of contingency plans for coordinating responses in the event of major service disruptions, whatever the precipitating cause.

The government is also working with industry to identify potential legal and regulatory obstacles that may impede information sharing or might otherwise interfere with voluntary efforts by the business community to maximize information-sharing efforts. There is also support for pre-competitive research by industry to address some of the short-term issues we face.

Since 1990, companies worldwide have entered into more than five thousand multiform R&D alliances involving high-technology. About one-third of these alliances have been between U.S. firms and companies in Europe or Japan. Most of these alliances involved the development, sharing or application of information technologies. Some directly address CIP issues.

The idea of coalition building to address major scientific issues is not new. The United States has a long history of pursuing bilateral and multilateral science and technology agreements and participating in international organizations as a means of stretching R&D dollars, bringing minds from many countries to bear on difficult technical problems, sharing burdens and benefits, and building international constituencies.

Closing Remarks

As you can see I personally am a great believer in the value of international S&T cooperation. But there also can be a downside to such cooperation.

Working with partners at a distance is a lot harder than if they are next door -- so good communication links are essential.

Secondly, national priorities can differ and funding priorities change. What were common goals when a project started may no longer be so as time goes on. So funding of one partner can disappear leaving the other partner stranded. This means projects and programs must be carefully planned with full agreement on the goals by both parties before the program begins.

There is nothing worse than a failed international alliance in high technology. I personally experienced that in the DRAM business between a U.S. and Japanese company as the world memory chip market collapsed a few years ago.

There are also different types of cooperation. The simplest is when groups work separately and exchange results. More efficient is when groups work separately but coordinate their plans so that their efforts complement each other. However, if they are very closely integrated and one group depends on anotherís results, failure of either partner can be a big problem. I have experienced that in both the corporate world and in government space research programs.

These are just some of the difficulties and challenges facing international cooperation in R&D. But, these are challenges not to discourage you but to be met head on. The global nature of the cybersecurity problem, the shortage of expertise, the urgency of the challenge -- all should stimulate us to accelerate these efforts, not to shy away from them.

That, it seems to me, is where your efforts in this EU Directorate should be directed. We in the U.S. appreciate what has been accomplished in the past four years of this cooperation and we want very much to keep working with you.

I commend you for holding this meeting, and I thank you for inviting me to address you here today.



  Back to top

U.S. Department of State
USA.govU.S. Department of StateUpdates  |   Frequent Questions  |   Contact Us  |   Email this Page  |   Subject Index  |   Search
The Office of Electronic Information, Bureau of Public Affairs, manages this site as a portal for information from the U.S. State Department. External links to other Internet sites should not be construed as an endorsement of the views or privacy policies contained therein.
About state.gov  |   Privacy Notice  |   FOIA  |   Copyright Information  |   Other U.S. Government Information

Published by the U.S. Department of State Website at http://www.state.gov maintained by the Bureau of Public Affairs.