[ISN] Feds Getting IT Together

From: InfoSec News (isnat_private)
Date: Tue Nov 05 2002 - 04:09:19 PST

  • Next message: InfoSec News: "[ISN] Linux Security Week - November 4th 2002"

    By Dennis Fisher and Caron Carlson 
    November 4, 2002 
    Government security officials have begun a new era of interagency
    cooperation that has led to unprecedented levels of information
    sharing. And while the high-level meetings have strengthened
    government security capabilities, they have also highlighted
    shortcomings in a key part of the data gathering and analysis
    The movement inside the government comes as the White House faces
    continued pressure to narrow the National Strategy to Secure
    Cyberspace to focus on systems that are most vulnerable to terrorist
    threats. Security insiders say provisions for home computer users and
    small businesses should be revisited in a revised draft that is due to
    be released by the end of the year.
    As that debate continues, the heads of several federal security
    organizations - including the Federal Computer Incident Response
    Center, the Critical Infrastructure Assurance Office and the National
    Infrastructure Protection Center—have begun meeting regularly to
    coordinate their activities and establish ground rules for information
    The meetings represent a significant step forward in the government's
    handling of vulnerability information. In the past, the various
    organizations have operated independently, often duplicating efforts
    and squabbling over responsibility, insiders say.
    "The leaders are already working together and have made remarkable
    steps in improving information sharing," said Marcus Sachs, director
    for communication infrastructure protection in the White House Office
    of Cyberspace Security here. "It's like an alcoholic admitting a
    problem. We're past that now."
    In addition to their own meetings, the leaders of FedCIRC, NIPC and
    the other bodies are urging their employees to begin talking to one
    another as well. They're working under the assumption that they will
    be co-workers soon and should develop good rapport, Sachs said.
    Under the proposed Department of Homeland Security, the government's
    disparate information security organizations would be combined into
    one body, with the exception of some personnel from the NIPC, who
    would remain at the FBI. The bill authorizing the funding of the new
    department is stalled in the U.S. Senate, and Sachs said he doesn't
    expect it to be approved until late spring or early summer of next
    The new move toward cooperation has, however, pointed out some
    inherent shortcomings in the way organizations gather and share data
    on attacks and vulnerabilities. A major component of the existing
    system is the network of industry-specific Information Sharing and
    Analysis Centers that are supposed to gather information from members
    and forward it to government and law enforcement officials for
    Members are encouraged to submit information on attacks and security
    breaches so that other members can get an early warning of impending
    problems. The data is stripped of identifying information before it is
    passed. But, in practice, the process seldom works.
    "No one contributes data because they're too lazy," said Mark Rasch,
    senior vice president and chief security counsel at Solutionary Inc.,
    in Omaha, Neb. "There's no one whose job it is to share information
    with the competition."
    In addition, as government officials scramble to improve their own
    security infrastructure, they're also facing tough questions about
    whether the national strategy should be more focused on national and
    international priorities and less on educating home users.
    "We don't have any intention of removing [the section on home users],"  
    Howard Schmidt, vice chairman of the President's Critical
    Infrastructure Protection Board, told eWeek. "Once [home users] turn
    that system on, they're part of the network."
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Tue Nov 05 2002 - 06:30:37 PST