Vermont Governor Calls For Stronger State Computer Security - Including Enhanced Driver's License Technology - in Carnegie Mellon University Speech

Business Wire, March 28, 2002

Business/Technology Editors

PITTSBURGH--(BUSINESS WIRE)--March 28, 2002

"...the fact remains that the only viable form of universal

identity in the US today is the state-issued driver's license...the same driver's license that teenagers alter in order to get into a club

or buy cigarettes. Terrorists do it all the time. They did it on

September 11th." Governor Dean

In his keynote address here yesterday, Vermont Governor Howard Dean warned that "time is not on our side" in the effort to secure the nation's computer networks against terrorist attack.

Dean spoke forcefully on the topic of state computer security issues before some of the nation's leading state information technology officials, academic experts and Internet security specialists who gathered at Carnegie Mellon University (CMU) for the two-day "Workshop on States Security." The workshop was convened to explore ways to strengthen the security of state information systems and network infrastructures. The conference agenda is available at: http://dollar.ecom.cmu.edu/tw/statessecurity/agenda.htm

Governor Dean outlined the security issues being faced and called on states to take on cooperative, leadership roles in championing hardware-based security technologies, such as smart cards and trusted card readers, to better secure the United States against a variety of security and privacy threats.

In addition to Governor Dean, other speakers include Robert Thibadeau, director of the Internet Security laboratory at the CMU School of Computer Sciences; Barry Goldman, American Management Systems; Lark Allen, executive vice president, Wave Systems Corp. (Nasdaq: WAVX); Phillip Hallam-Baker, Principal Scientist at VeriSign, Richard Pethia, director, Computer Emergency Response Team (CERT) at CMU, as well as other state information technology leaders.

Governor Howard Dean, Vermont

"There are no boundaries anymore. We are attacked by individuals -- united not by a national cause -- but by cell phones, and computer networks... Therefore, our security systems must account for this reality. Security must adapt to the threat of individuals -- not just nations -- while still protecting our fundamental civil liberties," warned Governor Dean.

The Governor added, "But how do we protect ourselves from the cyber-threat, knowing that the personal computers sitting on our desks today were never designed with security in mind? Today, powered by the Internet and driven by browsers, anyone can be a cyber-terrorist and anyone can be a victim -- often without realizing it. With a growing sense of concern, governments and businesses have invested billions to secure their servers at the core of the system -- but little has been spent to secure the most vulnerable part of the network -- the PC, the laptop, the government and corporate desktop computers - all at the perimeter of the computer network system. This is a mistake because the computing power at that perimeter can be used -- Napster style -- to take the entire network down." The full text of Governor Dean's remarks is available at: http://www.wave.com/news/press_archive/02/020327carnegiemellon.html

Governor Dean's concerns were echoed by other leading technologists attending the conference.

Dr. Robert H. Thibadeau, Principal Research Scientist, Carnegie Mellon University

"The openness of the Internet and the personal computer fueled the explosive growth of the world's digital infrastructure for the past decade. At the same time, the lack of security has resulted in a growing range of critical issues which include the invasion of individuals' privacy, frequent hacker attacks, piracy of intellectual property, and significant exposure to terrorist actions," says Dr. Robert H. Thibadeau of CMU. "It is imperative for governments, enterprises and the technology industry to cooperate in taking the necessary actions to protect the world's electronic infrastructure."

Lark M. Allen, Executive Vice President, Wave Systems Corp.

"Solutions that both provide needed security against attack and empower a new generation of services on the Internet are paramount now - it will do little good to provide one without the other. Web services are the next generation of the Internet; however, without a comprehensive trust and security solution, based on security hardware, in every connected device and component, this vision will never be realized," states Lark M. Allen. "Strong authentication of identities, platform security, content protection, privacy solutions and e-commerce transactions all have the same requirement, trusted platforms with open, programmable security hardware."

About the CMU Security Workshop:

The "Workshop on States Security," March 27-28,2002 in Pittsburgh, PA, is part of a workshop series sponsored by the Institute for Software Research International, a division of the School of Computer Science at Carnegie Mellon University. The workshops are designed to help improve the national security and trust infrastructure by identifying what realistically can implemented in the short term, and the long term issues that need to be addressed. Attendees include representatives from industry, government, and academics, including executives and CIOs, security program managers, marketing executives, computer security architects and key researchers.