CERT® Coordination Center Celebrates Ten Years

Ten years ago this October, a young college student created a "worm" program that resulted in the first Internet security incident to make headline news. (For more about the worm program, see our Background feature, "Security of the Internet.") It was the wake-up call for network security. In response, the CERT® Coordination Center (CERT® /CC) was established at the SEI. Its charter was to work with the Internet community to respond to computer security events, to raise the community’s awareness of computer security issues, and to prevent security breaches.

The need for the CERT® /CC has grown along with the growth of the Internet. In 1988, there were about 88,000 computers on the Internet. In 1998, as the CERT® /CC celebrates its 10th anniversary, there are an estimated 50,000,000 users on the Net. Even more significantly, the U.S. government and U.S. commerce grow increasingly dependent on networked systems every year. For example, the Department of Defense (DoD) is moving away from expensive custom software to commercial-off-the-shelf software and commercially supported networking products. Federal mandates for online electronic records with remote access, along with the low costs of using the Internet, are accelerating the DoD’s Internet use.

Along with the rapid increase in the size of the Internet and its use for critical functions, there have been progressive changes in intruder techniques, increased amounts of damage, increased difficulty of detecting an attack, and increased difficulty of catching the attackers. In December 1988, the CERT® /CC responded to its first incident report on the first day of operation. Weeks later, it published its first security alert. While continuing to respond to security incidents and publish advisories, the CERT® /CC has expanded its role over the years to better meet the needs of the Internet community. Its early work now provides the foundation for the SEI Survivable Systems Initiative.

Current areas of focus for the Survivable Systems Initiative include

• incident response: The CERT® /CC provides assistance to computer system administrators in the Internet community who report security problems. When a security breach occurs, CERT® /CC staff members help the administrators of the affected sites to identify and correct the vulnerabilities that allowed the incident to occur. The CERT® /CC staff also coordinates the response with other sites affected by the same incident.
  
  
• survivable network management: Members of the SEI Survivable Systems Initiative address problems in operational practice through four related products:

1. security practices that provide concrete, practical guidance that helps organizations improve the security of their networked computer systems. These practices are published as security improvement "modules" that focus on best practices in network security
2. an information security evaluation method that organizations can use to identify vulnerabilities in their networked systems and keep up with changes over time
3. adaptive security management, a process for organizations to improve the security of their networked systems by changing their software engineering practices
4. training courses in using the evaluation method and the adaptive management process, along with recommended curricula to address the needs of information security professionals

• survivable network technology: The Survivable Systems Initiative is concentrating on the technical basis for identifying and preventing security flaws and for preserving essential services if a system is penetrated and compromised.
  

In this section

In this release of news@sei, we celebrate the 10th anniversary of the CERT® /CC by inviting staff members from the SEI Survivable Systems Initiative to tell the story of the past 10 years--and speculate about the outlook for the future--in their own words.

For a detailed introduction to the topic of network security, see our Background feature, Security of the Internet. This article was written by seven members of the CERT® /CC staff and was first published in The Froehlich/Kent Encyclopedia of Telecommunications vol. 15, pp. 231-255, New York: Marcel Dekker, 1997.

In our Spotlight feature, we present an interview with Richard D. Pethia, manager of the Survivable Systems Initiative and first manager of the CERT® /CC. In the interview, Rich looks back at the past 10 years and discusses topics that include intruders and how they have changed, the need to protect the critical infrastructure, the need for R&D and training in network survivability, and what organizations can do to help themselves.

In our Roundtable feature, Thomas A. Longstaff and David Fisher turn their attention to the future in a wide-ranging discussion about The Next Ten Years. Topics include the current state of the Internet; the trend toward complex interconnected systems; adaptive, self-correcting systems; new approaches in survivability research; defense in depth and decentralization; and survivability: the future of security technology.