[ISN] DHS releases new details on Einstein 3 intrusion prevention pilot

From: InfoSec News <alerts_at_private>
Date: Mon, 22 Mar 2010 00:02:01 -0600 (CST)

By Ben Bain
March 19, 2010

The Homeland Security Department plans to partner with a commerical 
Internet Service Provider and another government agency to pilot 
technology developed by the National Security Agency to automate the 
process of detecting cyber intrusions into civilian agencies. systems, 
making it possible to thwart the attacks before damage is done.

The new technologies and automated processes of Einstein 3 are 
improvements over Einstein 1 and 2 technology, DHS officials said. 
Einstein 3's predecessors focused on intrusion detection, allowing 
analysts to scan records of connections to agencies. systems and use 
signatures to scan network traffic for cyber threats. Einstein 3 would 
add the ability to prevent those intrusions.

Einstein 3 also would improve information sharing by DHS' U.S. Computer 
Emergency Readiness Team (US-CERT), allowing the department to automate 
the process for sending alerts about detected network intrusions.

The department's privacy office detailed the plans to pilot technologies 
and processes that could be used for Einstein 3 in a privacy impact 
assessment (PIA) for the exercise on March 18. The E-Government Act of 
2002 required agencies to complete privacy impact assessments for 
substantially revised or new information technology system.


Register now for HITBSecConf2010 - Dubai, the premier 
deep-knowledge network security event in the GCC, 
featuring keynote speakers John Viega and Matt Watchinski! 
Received on Sun Mar 21 2010 - 23:02:01 PDT

This archive was generated by hypermail 2.2.0 : Sun Mar 21 2010 - 23:17:55 PDT