In its first public criticism of the White House and lawmakers' efforts to follow up on President Bush's 2003 much-ballyhooed National Strategy to Secure Cyberspace, the Cyber Security Industry Alliance (CSIA) said Washington has taken only "limited steps" to improving the security of the nation's infrastructure.
The steps are so limited, the CSIA contends, that it gave both the White House and Congress a D for their efforts in 2005.
Kurtz said this year's massive data breaches, a barrage of security vulnerabilities and the disruption of communications during Hurricane Katrina highlight the urgent need for improved information security preparedness and response.
Instead, Congress has so far failed to pass either data-breach disclosure or spyware legislation. Lawmakers did approve creating the new position of Assistant Secretary of Cyber Security with the Department of Homeland Defense, but the White House has yet to fill the slot.
"Six months downstream, it's time to put a person in that place," Kurtz said. "Part of leadership is delegation."
Kurtz called the 2004 Homeland Security Presidential Directive calling for the United States to reduce identity fraud and protect personal privacy a "toothless tiger with no money attached to it."