Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal Tech Talk
- The Future of Government Data Centers
- The Future of IT: How CIOs Can Enable the Service-Oriented Enterprise
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- The New Generation of Database
- Satellite Communications: Acquiring SATCOM in Tight Times
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Value of Health IT
- Air Traffic Management Transformation Report
- Cloud First Report
- General Dynamics IT Enterprise Center
- Gov Cloud Minute
- Government in Technology Series
- Homeland Security Cybersecurity Market Report
- National Cybersecurity Awareness Month
- Technology Insights
- The Cyber Security Report
- The Next Generation Cyber Security Experts
Shows & Panels
DHS cultivates cyber workforce, tools
Monday - 9/24/2012, 3:51pm EDT
The Homeland Security Department's Einstein intrusion prevention and intrusion detection program was falling behind the technology curve. The agency was depending on hardware that had become out of date before many departments got a chance to use it.
Mark Weatherford, the DHS under secretary for cybersecurity in the National Protection and Programs Directorate, changed the focus of the program about a year ago.
"I looked at the program and said the technology has moved on and we need to figure out a way to get the technology for intrusion prevention out there faster for civilian agencies," Weatherford said Tuesday during an exclusive interview on In Depth with Francis Rose as part of Federal News Radio's Agency of the Month series. "We've been working with our federal partners, with the Defense Department and we've re-engineered the solution from a hardware- to a software-based platform. We've pushed it out more broadly where all federal agencies can participate in it almost immediately."
He added the move to E3A (Einstein 3- Accelerated) still will be a multi-year effort, but DHS made the program more flexible so it can stay technologically relevant over the implementation timeline.
DHS began implementing Einstein in 2004 as a sensor and network flow management tool. It expanded Einstein to be an intrusion detection system and implemented it across at least 15 civilian agencies over the last four years.
The agency has been testing Einstein 3, which expands again to be an intrusion prevention tool, for the last few years.
Weatherford said E3A will help agencies move out a reactionary mentality.
"It's hard to block something you don't know exists," he said. "We work very closely with the government agencies in issuing out and getting them threat and vulnerability information."
He said because cybersecurity is getting so much attention across the government and on Capitol Hill, agencies are becoming more proactive in how they defend their networks and systems.
Changes to the workforce
Beyond tools like Einstein, DHS and other agencies need employees with the right skill sets.
Chris Cummiskey, DHS' deputy under secretary for management, said the types of skills cyber workers need are changing.
"It ranges from watch-floor types of activities to analytics to forensics," he said.
Weatherford said his office is hiring people with hard skills, the type one gets from banging on a keyboard, breaking it open and then putting it back together again.
"What we really look for are those with deep technical skills, but can also analyze an event," he said. "You really look for people who look at problems differently. Many of these skills are the kind that can't be taught, but take a lot of experience."
Finding these types of people isn't easy and nearly every agency and private sector firm is competing for their services.
Cummiskey said DHS is taking advantage of special hiring authority the Office of Personnel Management granted them a few years ago. The authority lets DHS speed up the hiring process in order to place cyber workers and not lose them to the competition.
The other approach to finding the right workers is offering them interesting work.
"We want to be in the same cadre as DoD, the FBI and others," he said. "If you are really serious about a career in this, you will stop at DHS and spend a few years."
Opportunities abound at DHS
Weatherford said the mission space around cybersecurity is vast at DHS.
"There are not many places you go in the government or in the private sector in the cybersecurity arena where you can get the breadth of experience that you get," he said. "That really is a big draw for us. I talk to people and tell them to come work at DHS as a stop in your private sector career."
He said having someone work in the private sector, come to government and then eventually go back to the private sector is beneficial to all because they get to see cybersecurity from the different perspectives.
Weatherford's office has been hiring hundreds of cyber professionals, but also has faced a fair amount of turnover.
Over the last year, DHS lost five senior officials, and since January, four new senior executives have come to DHS. Since the fall, almost the entire management team that oversees cybersecurity in NPPD is new.
Weatherford said he doesn't think the changes at NPPD are any different than other agencies or in the private sector, however.