[ISN] DHS Could Respond to Cyber Attack on Critical Infrastructure

From: InfoSec News (isn@private)
Date: Tue Apr 13 2004 - 01:46:53 PDT

  • Next message: InfoSec News: "[ISN] Linux Security Week - April 12th 2004"

    Forwarded from: Mark Bernard <mbernard@private>
    
    http://www.fcw.com/fcw/articles/2004/0329/web-dhs-03-30-04.asp 
    
    By Florence Olsen 
    March 30, 2004  
    
    In the event of a cyberattack on the nation's infrastructure, the 
    Homeland Security Department would have the authority and the 
    wherewithal to coordinate an appropriate response, department 
    officials told lawmakers today.
    
    Members of the House Select Committee on Homeland Security questioned 
    top information technology officials at DHS, focusing on recent 
    reports that the department remains disorganized within and not 
    well-coordinated with other federal, state and local agencies and the 
    private sector.
    
    Rep. Robert Andrews (D-N.J.) said he is concerned about the lack of 
    clear lines of authority for responding to a national cyberattack. 
    "Who's in charge when we have a crisis?" he asked.
    
    Robert Liscouski, assistant secretary for infrastructure protection at 
    DHS, said lines of communication are in place so that DHS could 
    coordinate a national response. He said DHS' authority to coordinate a 
    response is based on a presidential directive, Homeland Security 
    Presidential Directive No. 7, which President Bush issued on Dec. 17, 
    2003. Authorities are still filling in the details of that directive, 
    he said.
    
    The fiscal 2005 budget for the National Cyber Security Division is $79 
    million, most of which is allocated for building up a national 
    cyberspace security readiness and response system, Liscouski said. The 
    core of that system is the existing U.S. Computer Emergency Readiness 
    Team.
    
    For its internal security needs, department officials announced that 
    they will use a commercial product, called Trusted Agent FISMA, to 
    capture and maintain security reporting data required under the 
    Federal Information Security Management Act of 2002. Steven Cooper, 
    DHS' chief information officer, said the use of that tool should 
    "improve the timeliness and accuracy of our reporting." DHS has fared 
    poorly in recent reports on FISMA compliance.
    
    
    
    
    _________________________________________
    ISN mailing list
    Sponsored by: OSVDB.org
    



    This archive was generated by hypermail 2b30 : Tue Apr 13 2004 - 03:44:41 PDT