The U.S. is poorly prepared for a major disruption of the Internet, according to a study that an influential group of chief executives will publish today.
The Business Roundtable, composed of the CEOs of 160 large U.S. companies, said neither the government nor the private sector has a coordinated plan to respond to an attack, natural disaster or other disruption of the Internet. While individual government agencies and companies have their own emergency plans in place, little coordination exists between the groups, according to the study.
“It’s a matter of more clearly defining who has responsibility,” said Edward Rust Jr., CEO of State Farm Mutual Automobile Insurance Co., who leads the Roundtable’s Internet-security effort.
Other companies with leaders active in the effort include FedEx Corp., International Business Machines Corp., Dow Chemical Co., Hewlett-Packard Co., CA Inc., Alcoa Inc., Sun Microsystems Inc. and Pfizer Inc.
The study points out that a massive Web disruption could potentially paralyze banks, transportation systems, health-care providers and voice calling over the Internet.
The chief problem: There are so many public and private institutions that handle security-related tasks that their responsibilities often overlap, creating inefficiencies that can bog down an emergency response, according to the study.
Security officials at some banks and other companies have established groups to swap data about Internet threats. Companies that make the technology behind the Internet itself have an informal group of their own to discuss security issues. Meanwhile, a government body called the National Cyber Response Coordination Group is meant to manage a response to Internet emergencies.
Yet those groups’ roles are often unclear, and no system is in place to coordinate their efforts, the study says. It cited “serious problems stemming from the lack of consolidation, including the fact that these organizations are not accountable for their actions.”