Recommendations range from suggesting users set tougher passwords to setting up industry centers where vulnerabilities can be anonymously shared.
The strategy, which was to be formally unveiled Wednesday at Stanford University, is not set in stone. Over the weekend, the White House panel assembling the report decided to open it up for more comment before it is presented to President Bush in two months.
"If we just come up with a government strategy and announce it without participation from the people who have to implement it, we're not going to get the level of cooperation ... that we need for this," said Richard Clarke, the White House's senior adviser on computer security.
One reason for adding time for public comment was to stem assumptions and rumors within the technology industry about the report's contents, he said.
The National Strategy to Secure Cyberspace includes nearly 60 suggestions for improving computer security for home users, small businesses, universities, large corporations, government agencies and other nations.
One leaked copy of the final plan was published on the Internet late Tuesday.
It encourages software engineers to be more careful with products they design, and companies to test their internal computer security regularly. It also recommends a code of conduct for Internet providers to follow when an attack is underway.
But it does not seek laws requiring Internet providers to include firewalls or other security devices with their high-speed, always-on and vulnerable Internet services.
"We're not creating regulation, not creating mandates," Clarke told reporters on the eve of the report's official release. "We want to do this through market forces."
But critics say voluntary cooperation and market pressures will hardly have the impact of laws and regulations.
"All of these are good recommendations," said Mark Rasch, formerly the Justice Department's top computer crimes prosecutor. "But none have the force of law. There is no carrot, and there is no stick. You need to put some teeth into some of the proposals."
Also Tuesday, Clarke refuted as "vast exaggeration" published reports that influential companies have lobbied aggressively in recent weeks to strip or change proposals that would have raised their business costs.
One proposal in an earlier draft recommended that Internet providers offer security software to customers. The latest version recommends that home users install and use such software, such as firewalls and anti-virus utilities.
"We have not been changing things up to now under pressure from anybody outside the government," Clarke said.
Copyright 2002. Associated Press. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.
