Highlights
– DHS has made small gains in cyber security since its inception
– DHS offers more details of its National Cyber Security Initiative
– Lawmakers and industry experts call for cyber security initiative to move agencies
In the past week, the Department of Homeland Security (DHS) has experienced a barrage of criticisms from Congressional leaders, government department heads, and industry experts over its weak planning, design, coordination, and implementation of the National Cyber Security Initiative (NCSI).
On September 16, 2008, a director and senior fellow at the Center for Strategic and International Studies (CSIS), testified before a US House Homeland Security subcommittee concerning emerging threats, cybersecurity, and science and technology and stated that while DHS has improved, oversight for cybersecurity in his opinion should move elsewhere. The director, James Lewis, was testifying on behalf of CSIS’s Commission on Cybersecurity for the 44th Presidency, a group made up of 40 cybersecurity and government experts.
In the same hearing, a US House Representative also stated that leadership for DHS’s cybersecurity efforts was being conducted poorly, noting that in a prior committee appearance, the DHS undersecretary for national protection and programs had given himself a “solid C” in cyber security.
In another US House hearing on September 18, 2008 the House Select Committee on Intelligence Chairman stated he found it interesting the White House had put DHS in charge of the cyber initiative when it was created six years ago.
Adding to these recent criticisms, two new reports issued by the Government’s Accountability Office (GAO) in September 2008 detailed DHS cybersecurity shortcomings. According to testimony from David Powner, the GAO’s director of information management issues, the GAO has been reporting on DHS’s cybersecurity efforts since 2005 and has made 30 recommendations for improvements. Powner stated that none of these recommendations have been fully satisfied. The reports describe the department’s failure to fully address 15 key cyberanalysis and warning attributes related to activities such as monitoring government networks for unusual activity.
DHS Provides More Details Of NCSI
Congressional leaders and witnesses at the September 16th hearing also criticized DHS and the White House for being too secretive with details of its NCSI. Critics stated that the lack of details concerning the program’s goals hinders Congressional oversight and private industry participation and expertise. At a forum hosted by the Information Technology Association of America on September 15, 2008 DHS executives attempted to provide more details of the goals for the NCSI. A deputy undersecretary for DHS indicated plans for the initiative include enhancing the current cyber intrusion detection system, working more closely with the private sector, and focusing on foreign threats. Additionally, the department is currently working with three different vendors to test “Einstein 2,” an upgrade to the department’s original intrusion detection system, “Einstein.” One of the goals of the system is to create real-time, situational awareness across all federal domains of any new or ongoing cyber threats.
When considering threats from foreign nations, the NCSI plans to develop a government wide cyber intelligence plan specifically focused on foreign state cyber threats. The idea is to prevent situations such as the recent cyber attacks by Russia on key Georgian governmental networks before commencing conventional military action on the nation (Previous Report).
At the September 16th hearing, the CSIS director voiced his belief that Congress needs to be involved with the planning and development of a secure cyber infrastructure. In what may be seen as a sign that Congress is supportive of such an idea, it was recently announced that the Cybersecurity Caucus, a forum for House members from various committees to discuss cyber security, will begin work in January 2009.
Outlook
In November 2002, when President Bush signed the Homeland Security Act of 2002 authorizing the creation of DHS, he stated that the department would organize and focus its efforts to face the challenge of cyber terrorism. The President also indicated that the department would be charged with encouraging research on new technologies that could detect threats in time to prevent an attack.
However, almost six years later, many in Congress and experts in the industry are calling for other federal agencies to take the lead in securing the nation’s cyber infrastructure amid DHS’s lackluster performance. Some are suggesting the Central Intelligence Agency (CIA) or the National Security Agency (NSA), which is currently responsible for protecting government computers through its “information assurance” arm, would be better suited to address the cyber threat. Regardless of the outcome, the calls for change are growing and will likely, at the least, lead to increased oversight and possible reorganization of the NCSI.