One of the key elements of the strategy is to establish a National Cyberspace Security Response System under the direction of the new Department of Homeland Security (DHS). According to the White House site, the DHS will establish uniform procedures for the "receipt, care and storage" by federal agencies of critical infrastructure information that is voluntarily submitted to the government.
In the early planning stages of the Bush plan, the private sector largely opposed information sharing about network threats because of fears that the information would eventually become public, concerns the White House says are addressed in the legislation that created the DHS.
The plan also focuses on urging the private sector to improve IT training and to establish IT certification programs by creating like government initiatives as examples.
One of the first industry groups to publicly comment on the plan, the Computing Technology Industry Association (CompTIA), said in an official statement, "The National Strategy challenges our traditional focus on technology as the 'silver bullet,' and highlights more fundamental behavioral matters -- like IT training and certification -- that can make America's computer networks safer."
Tom Santaniello, CompTIA manager of U.S. public policy, said, "The recent 'Slammer Worm' attack reveals the importance of the human element in network security. The network weakness had been identified months earlier, and a patch was widely available to fix the problem. Unfortunately, few administrators chose to install it. In other words, though the technology was there, the human follow-up was not."