About Information Security
Information security, including the development of an expanded workforce in this field, is among the most critical issues facing the United States today. Data from the past seven years show that the threats from computer crime and other information security breaches continue unabated, and the financial toll is mounting (2002 Computer Security Institute/FBI Computer Crime and Security Survey). Losses incurred due to the theft of proprietary data from our high-tech and financial services industries, manufacturing companies and government agencies currently exceed $170 million annually. Other annual losses are significant as well: financial fraud ($116 million), insider abuse of Internet access ($50 million), computer viruses ($50 million), network denial of service attacks ($18 million) and system penetrations by outsiders ($13 million) (2002 Computer Security Institute/FBI Computer Crime and Security Survey).
The need for individuals knowledgeable in information security was made an issue of national prominence in 1997, when the President’s Commission on Critical Infrastructure Protection released its report, Critical Foundations: Protecting America’s Infrastructures. In it, eight critical infrastructures were identified as being at risk serious enough to threaten national security (telecommunications, banking and finance, electrical power, oil and gas production and storage, water supply, transportation, emergency services, and government services). In May 1998, Presidential Decision Directive 63 was issued, which called for a national effort to secure the nation’s critical infrastructures. The National Security Agency was charged with promoting higher education in information security in order to produce more professionals with information security expertise.
Information security has been identified as a particularly important knowledge need for workers in the New England states. At the Information Technology Workforce 2002 Conference sponsored by the New England Governors’ Conference, industry leaders from across New England emphasized the importance of addressing information security as an emerging workforce issue.
The need for information security workers was echoed at the national level by recent reports from the President’s Critical Infrastructure Protection Board, including The National Strategy to Secure Cyberspace (February 2003), and Promoting Innovation and Competitiveness, President Bush’s Technology Agenda.