[ISN] DHS cyber division taking shape, despite concerns about waning influence

From: InfoSec News (isn@private)
Date: Thu Oct 02 2003 - 02:45:56 PDT

  • Next message: InfoSec News: "[ISN] Windows & .NET Magazine Security UPDATE--October 1, 2003"

    http://www.computerworld.com/securitytopics/security/story/0,10801,85589,00.html
    
    Story by Dan Verton 
    OCTOBER 01, 2003 
    COMPUTERWORLD 
    
    ANN ARBOR, Mich. -- A principal adviser to the new head of the
    Department of Homeland Security's National Cyber Security Division
    (NCSD) has reiterated that the division and its industry outreach
    program remain key players at the DHS and that it has a direct line to
    senior officials, including Secretary of Homeland Security Tom Ridge
    and President Bush.  
    
    Speaking here at the Digital Security Conference, Sallie McDonald, the
    DHS's senior executive responsible for outreach and awareness efforts,
    said yesterday that the NCSD "is properly placed within the
    department" and has been described by Ridge as part of the "heartbeat
    of the agency."
    
    The conference was sponsored by Washtenaw Community College and the
    Walsh College Information Assurance Center.
    
    McDonald's comments follow recurring criticism from experts and former
    administration officials who fear that the current cybersecurity
    leadership has been buried too deep within the DHS bureacracy to be
    effective. Critics fear that the agency may have lost some of its
    influence with the departure this year of Richard Clarke, the former
    chairman of the President's Critical Infrastructure Protection Board
    and the nation's first de facto cybersecurity czar.
    
    Those critics, including Clarke, have said repeatedly that not having
    the ear of the president or Ridge could spell the loss of momentum on
    the public/private cybersecurity partnership agenda.
    
    A spokesman for the DHS said Amit Yoran, whose last day of official
    employment at Symantec Corp. was yesterday, will take the helm at the
    NCSD during the last week of this month. McDonald praised Yoran,
    calling him the right person for the right job at the right time.
    
    McDonald said the NCSD is now focused on reducing vulnerabilities
    throughout the nation's critical infrastructures, establishing a
    national response center at the newly formed US-CERT at Carnegie
    Mellon University (see story), and developing a cybersecurity outreach
    program targeted at small businesses and home users as well as large
    companies.
    
    The NCSD is also taking the lead on a cybersituation awareness project
    that can conduct near-real-time analysis of incident data nationwide,
    said McDonald. The division is currently working with SRI
    International, Symantec and Computer Associates International Inc. to
    develop an automated capability that would enable data to be shared
    immediately with various private-sector-run Information Sharing and
    Analysis Centers. The research and development effort includes plans
    to build a nonproprietary system that would allow any organization in
    the nation, regardless of IT infrastructure, to feed data into the
    incident analysis system.
    
    "We will be deploying this in the federal sector starting at the
    US-CERT first so we can see in real time what is happening across the
    nation," McDonald said.
    
    She also hinted at a series of "big announcements" the DHS may make in
    the next few months regarding its work with Internet service providers
    on possibly offering users free firewalls. That move would be part of
    an effort to simplify the security procedures for small businesses
    that don't have large corporate IT staffs.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Thu Oct 02 2003 - 05:42:50 PDT