Bush Cybersecurity Effort to Be Explained in Coming Months

Schneider dashed speculation that DHS will shelve its effort in January, when a new administration takes office. “Contrary to what is popularly covered in the press,” agency leaders heading the effort “will be running these programs on January 20 and 21,” he said. Schneider used the word “seamless” several times to describe the transition.

DHS will take cybersecurity “to the next level” by investing in “leap-ahead technologies,” Schneider said. The new National Cyber Security Center, intended to complement the U.S. Computer Emergency Readiness Team, is assigned to handle “coordination, collaboration and coming up with a common situational awareness” for federal agencies. US-CERT will deploy the next generation of the Einstein network- monitoring system, a “much more aggressive” system that uses passive sensors to evaluate network threats as they take place and prevent them before they cause damage, he said. Einstein now only diagnoses attacks afterward. Sharing the next version of Einstein with private bodies will be “one of our focuses,” he said.

DHS will spend a “significant amount” on R&D by businesses, Schneider said, cautioning that vendors should “temper your appetite.” The department will concentrate at first on hardening networks, meaning it won’t be shelling out for a new generation of hardware and software, he said, urging vendors not to dream of a “tremendous pot of gold.” DHS knows its reputation for stinginess with information that businesses want, Schneider said. The department is working on at least making contact with the right people in organizations, he said. In the past it has unintentionally reached out only to officials who handled physical infrastructure security, not cybersecurity. Some in business want DHS to create a vehicle outside the Cross Sector Cyber Security Working Group for sharing information, but that group is a “proven structure” whose value was evident in the coordinated response to Hurricanes Ike and Gustav, Schneider said.

Privacy and civil liberties are “at the center of our efforts” toward network security, Schneider said. DHS has no interest in reading “your personal e-mail,” he said. “That is not our intent.” -- Greg Piper

ITAA Cybersecurity Notebook…

The Trusted Internet Connections program has been scaled back to a goal of “under 100” external connections, Robert Jamison, DHS undersecretary for national protections and programs, said on a panel. The Office of Management and Budget, which has led the effort, had said its target was reducing thousands of connections to 50 (WID May 14 p5). “Fifty was an early target,” Jamison said, and agencies’ needs for redundancy and resilience led to changing the target. OMB and DHS now are aiming for 79 connections, he said. “It’s a tremendous contracting challenge.” Melissa Hathaway, cyber coordination executive for the Office of the Director of National Intelligence, said her office has 80 measures of its progress on the administration cybersecurity plan. Officials of the interagency cybersecurity group have testified to Congress more than 100 times, Hathaway said. A new administration’s arrival will mean 100 of the group’s political appointees leave, she said. Her office has briefed one of the presidential candidates on the situation and will do so for the other “on request,” Hathaway added. DHS needs to “maintain momentum” on its cybersecurity work through the presidential transition, Jamison said, noting that its fiscal 2009 budget request would triple the money and staff for the National Cyber Security Center. “We've got a lot of work to do from a back-end standpoint” in adopting the new Einstein network-monitoring tool, Jamison said. DHS has just under 100 staff “in the pipeline” to work on the new real-time Einstein system, which unlike today’s system will be installed at every connection point, he said. The new system is being tested internally at DHS with three vendors and with a company working on the system’s “analytical capabilities,” Jamison said. Asked if the new system can handle threats over IPv6, Jamison said Einstein’s real-time evaluation should be able to handle some IPv6 threats. Neill Sciarrone, senior director for cybersecurity at the White House’s Homeland Security Council, said her office brought Cisco and other vendors to ask how they will handle IPv6 threats. The administration sought $7.2 billion for IT security in its fiscal 2009 budget request, Sciarrone said. -- GP

----

Federal agencies are meeting recent OMB mandates on network security, said Karen Evans, administrator for the office of e-government and information technology at OMB. Every agency met a June deadline for readiness to carry IPv6 traffic, and OMB has had a “really good exchange” with agencies on the federal desktop core-configuration mandate. That requirement holds agencies to standardization of security configurations for Microsoft XP and Vista computers. The only problem is that “a lot of people want to have exceptions to the 674 settings” approved by OMB and the National Institute of Standards and Technology, and even for mission-critical applications that need exceptions, “there’s a cost to manage that uniqueness,” Evans said. Also on OMB’s plate is “closing the gap” seen in the ranks of information security professionals in the federal government, she said. “There’s a lot of hiring internally from one department to another,” and outsiders aren’t quickly enough filling the openings left by veterans. The Office of Science and Technology Policy at the White House is trying to avoid logjams in sharing classified information through an “exchange of hostages,” in which it hires from unclassified programs officials holding security clearances from previous government work, said Charles Romine, senior policy analyst at OSTP. The office is helping agencies coordinate their R- and-D and pushing Congress to permanently enact the R&D tax credit, he said. The “intellectual property machine” at research universities is a major sore spot for companies that want to engage in R-and-D, he said, because the schools make it expensive to get at their unique research. Chris Painter, special adviser to the assistant attorney general for the criminal division at the Justice Department, called the recent creation of the National Cyber Investigative Joint Task Force “a very major development.” Made up of 16 law enforcement agencies, including the FBI, Secret Service and DHS, the task force, under a model of “shared leadership,” is coordinating cyber-investigations that previously were run “ad hoc” between agencies, he said. The U.S. needs to drop its mentality of playing offense versus defense, because cyber-attackers switch between the two every “nanosecond,” said Andy Singer, until March a Navy rear admiral specializing in cyber-intelligence. Now directing Booz Allen Hamilton’s “cyber campaign,” Singer said the appropriate model for cybersecurity in the U.S. is a soccer game, where each player switches between offense and defense at a moment’s notice. The government also needs “walk-ons” and “people on the bench” from the industry to improve cybersecurity, he said.