Shows & Panels
- Accelerate and Streamline for Better Customer Service
- Ask the CIO
- The Big Data Dilemma
- Carrying On with Continuity of Operations
- Client Virtualization Solutions
- Data Protection in a Virtual World
- Expert Voices
- Federal Executive Forum
- Federal IT Challenge
- Federal Tech Talk
- Feds in the Cloud
- Health IT: A Policy Change Agent
- Improving Healthcare Outcomes through IT Policy
- IT Innovation in the New Era of Government
- Making Dollars And Sense Out of Data Center Consolidation
- Navigating the Private Cloud
- One Step to the Cloud, Two Steps Toward Innovation
- Path to FDCCI Compliance
- Take Command of Your Mobility Initiative
Shows & Panels
DHS IG: US-CERT lacks leadership, which hurts cybersecurity
Friday - 6/18/2010, 7:47pm EDT
"The House Homeland Security panel received the report of Richard Skinner, the Inspector General of the Department of Homeland Security, on continuing shortcomings at US-CERT -- DHS's Computer Emergency Readiness Team. Among his findings, Skinner notes that:
'Over the last five years, US-CERT has had five directors. In our opinion, that is impeding our ability to move forward. Without the leadership to implement strategic plans, and guide our day to day operations, it's going to slow us down.'
"Skinner also noted deficiencies in the way US-CERT shares information on cybersecurity with clients and partners at other federal agencies in real-time. The IG listed a number of recommendations to improve agency performance.
"Even as they contemplate the possibility of beefing up DHS's roles and responsibilities in the realm of cybersecurity, members of the House panel still found themselves struggling to envision the scope of the problem.
"Responding to a question from Homeland Security Committee Chairman Thompson, Greg Schaffer, assistant DHS secretary for Cybersecurity and Communications, and the man who runs US-CERT, admitted he could not provide an adequate estimate of how many hacker attacks took place against the nation's computer networks on a daily or monthly basis.
"Minutes later, Thompson asked Schaffer again to estimate hacker activity, this time as detected by US-CERT's Einstein intrusion detection system.
'Einstein 2 is showing us 278,000 indications of potential malicious activity at the perimeter of our networks on a monthly basis based on the deployments that we have. That doesn't mean the attacks were successful, it simply means there were indications of malicious activity 278,000 times on the average month.'
"Despite repeated questioning, none of the members of the House Homeland Security Committee were able to get a more firm and reliable estimate of hacker activity, despite improvements to cybersecurity detection systems."
Click to watch the first panel:
Click to watch the second panel: