ITAA's Year 2000 Outlook September 10, 1999 Volume 4, No. 30 Published by the Information Technology Association of America, Arlington, VA Tinabeth Burton, Editor tburton@itaa.org Read in over 80 countries around the world ITAA's Year 2000 Outlook is published every Friday to help all organizations deal more effectively with the Year 2000 software conversion. To create a subscription to this free publication, please visit ITAA on the web at https://www.itaa.org/transact/2ko utlooksub.htm. To cancel an existing subscription, visit https://www.itaa.org/transact/2kremove.htm. ITAA's Year 2000 Outlook is sponsored in part by CACI International Inc., DMR Consulting Group Inc and Y2Kplus. In this Issue: Senators Bennett, Dodd Address Y2K Readiness Issues In Speech to National Press Club 9999 - A Report from the around the world Senators Bennett, Dodd Address Y2K Readiness Issues In Speech to National Press Club Even in the best technology systems, "there are going to be a series of failures," Senator Bob Bennett (R-Utah), told an assembled gathering in a speech to the National Press Club. The good news, the Chairman of the United States Senate’s Special Committ ee on the Year 2000 Technology Problem, told the group, is that most problems in the United States can be solved in 72 hours. Speaking jointly with Senator Christopher Dodd (D-Conn), the ranking minority member on the committee, the two Senators repeatedly echoed the notion that preparedness is the best response to the unknown that will occur when Y2K takes affect. "If you stockpile anything," Senator Bennett said, "stockpile information." "Reasonable, common-sense preparation is all that is necessary," added Senator Dodd. Bennett underscored that point repeatedly in his remarks, as when he advised the group that any person or company that took the "let it fail, fix it later" approach would have many more problems that would take longer to fix and would create problems else where in the technology stream. Recalling his July 1998 speech to the NPC on the same subject, Senator Bennett reminded the group of his caution that "the number one problem we face is denial." In the intervening time, the United States and its technology infrastructure has made consid erable progress in addressing Y2K issues. "The good news is that the U.S. is well-prepared and that national and community-level emergency planning is well underway. And with proper preparation, there is less of a chance today than one year ago that Y2K will affect your personal life. The bad news is that certain industries vital to our strong economy have dangerously late readiness deadlines, and that self-reporting remains our primary source of information." The Bennett-Dodd Committee has conducted more than 30 hearings and gathered testimony from 150 witnesses in Washington, DC, Oregon, New York, California, Arizona, Nevada, Utah and Connecticut. The committee released an initial, 164-page report in March o f this year. Another report is expected no later than the end of September. The forthcoming report will outline, in more detail than previous documents, what the level of readiness and preparedness is for the nation. A GAO survey of the 21 largest cities, for example, found only two - Boston and Dallas - ready for January 1, 200 0 by the June 1999 target date. Of the 19 remaining cities, roughly half of them are aiming for a late October completion date while the remaining cities hope to be ready by New Year’s Eve. Senator Dodd cautioned that irrational behavior is, perhaps, the greatest threat posed by Y2K. Presenting the problem as a lateral and not vertical one, he discussed how all of the nation’s interlocking technical systems are at risk by the failure of any one area to overestimate their level of preparedness. While, according to Senator Dodd, certain countries are unprepared for Y2K - among them China, Japan, Russia and Italy - most countries have moved appreciably ahead in their efforts to prepare for the problem. Russia, according to Senator Dodd, presents potential problems of special note to the United States. Disruptions in the Russian banking and communications industries, for example, could exacerbate the existing political instability and lead to a period o f serious unrest. The United States should be more forthcoming in providing financial and technical assistance to the Russian government as an additional effort to keep the fragile democratic system in place. Of special concern are the 16 Chernobyl-type nuclear power facilities and the military early warning systems. While there is no indication that Y2K could cause nuclear catastrophe, potential malfunctions of the safety monitors at the power plants could h ave disastrous consequences for the Russian people. Additionally, a Y2K-driven failure of the missile early warning systems could lead to a "blind" period for the Russian military that could be ripe for accidental attack. A Joint US-Russian communications center based in Colorado Springs, Colorado, to ens ure open lines of communication exist during the transition period, is one effort to safeguard against accidental launch. Senator Dodd also suggested that the Chinese, Indians, and Pakistanis also be invited to join in the operations of the center. Senators Bennett and Dodd also used their remarks to reflect on future threats to America’s technology systems. The Y2K problem is only the first in a series of information security issues for which the nation must develop strategic plans. Senator Bennett described four types of threats to systemic integrity: 1) Hackers - young Americans who, just to prove the can, try to break into America’s secure computer networks - like those at the Department of Defense and the nation’s financial institutions. 2) Industrial Spies - people who seek to break into corporate networks to steal secrets and sell them to the highest bidder. 3) Terrorists - rogue groups who want to sabotage secure networks to crash essential systems and destroy the nation’s confidence in technology systems. 4) Attacks from Nation-States - citing a recent published report in which representatives of the Chinese government indicated they are developing plans to attack US computer networks. The things learned out of the Y2K work done so far, Senator Bennett indicated, that there is a vulnerability that will remain with us. After the Y2K challenge is past us, there are issues of security, privacy, and reliability that remain and will have to be address. Additional hearings on these matters are in the works. 9999 - A Report from the around the world. Reports from across the nation and the world indicate predictions of computer disaster on September 9, 1999 came up short. U.S. officials announced early Thursday that the Power Grid - a central component of the nation’s electrical systems - had passed the 9/9/99 test. U.S. Energy Secretary Bill Richardson called the success of yesterday's test "yet another step to assure el ectricity customers that the lights will stay on" after the end of this year. As reported by Reuters, the drill was undertaken to look for problems and to test the effectiveness of back up planning. "We have had no reports of any Y2K failures at utilities or DOE facilities," John Gilligan, Department of Energy chief information of ficer. Forty-two sites participated in the drills, coordinated by the North American Electric Reliability Council. The rest of the world reported few problems with 9999 as well. BBC reports that ACTION 2000, the agency preparing United Kingdom businesses and utilities for problems, did not expect dramatic impact from 9999. The agency says they have "only come across a handful of authenticated cases where computer systems experienced difficulties when tested for digits." BBC also reports that on mainland China the only automated exchange for corporate shares is being shutdown. Japan’s Nuclear Cycle Development Institute, a government-affiliated nuclear plant operator, is holding a drill, using 9999 as a test case for Jan uary 1. The South China Post reports that travelers are canceling flight-bookings and Asian banks are preparing for runs on ATM machines. Standard Charted Bank group executive director Mervyn Davies said "This is an excellent opportunity for us to test our syste m in advance of the millennium." By early morning, there were no reports of problems. Business to Business AMI2000 Corp., a wholly-owned subsidiary of American Megatrends Inc., Atlanta, GA, has released the Year 2000 BIOS Enabler Board, Version 1.4, a Y2K BIOS fix. ITAA Y2K Information Center Solution Providers Directory http://www.itaa.org/script/2000vend.cfm ITAA*2000 Certification Program http://www.itaa.org/2000cert.htm Outlook Archive http://www.itaa.org/script/get2klet.cfm Legislative and Litigation Table http://www.itaa.org/year2000/legis.htm Calendar http://www.itaa.org/y2kcal.htm Vendor/User Status Questionnaires http://www.itaa.org/questmain1.htm Alternate Dispute Resolution (ADR) http://www.itaa.org/year2000/adr.htm Statement of Intention to Use ADR http://www.itaa.org/year2000/soi.htm, Y2K Mediators Seminar http://www.technologymediation.com/Y2K_seminar.htm Copyright ITAA 1999. All rights reserved. The Information Technology Association of America, 1616 N. Fort Myer Drive, Suite 1300