DHS plans threefold attack on cyberthreats

The new U.S. CERT center will be a single, streamlined group using resources from government, industry and academia, DHS' Bob Liscouski says.

Henrik G. de Gyor

The Homeland Security Department went public last week with a three-pronged campaign to protect the nation's critical systems from attack: It named a new cybersecurity czar, announced a new unit to speed threat response and unveiled plans for an IT security summit.

Heading the department's cybersecurity efforts will be Amit Yoran. Yoran, vice president of worldwide managed security services at Symantec Corp., will become the new director of the National Cyber Security Division.

One of the first items on Yoran's agenda will be hastening the government's response to cyberthreats.

'The goal is to share what we know when we know it,' said Frank Libutti, undersecretary of Homeland Security for information analysis and infrastructure protection (IAIP). Libutti announced the U.S. Computer Emergency Response Team at a meeting last week sponsored by the IT Association of America.

The department will collaborate with the CERT Coordination Center at Carnegie Mellon University to create U.S. CERT, which will coordinate responses to cyberattacks and conduct prevention and protection efforts.

'The recent cyberattacks, such as the Blaster worm and the SoBig virus, highlight the urgent need for an enhanced computer emergency response program that coordinates national efforts to cyberincidents and attacks,' Homeland Security secretary Tom Ridge said.

Global reach

Carnegie Mellon's center alerts U.S. industry and computer users worldwide about security threats and provides information about how to minimize and recover from damage.

The CERT Coordination Center is part of the university's Software Engineering Institute, a federally funded R&D center run by Carnegie Mellon.

The partnership with Homeland Security will bring about a single, streamlined center using resources from government, industry and academia, said Bob Liscouski, assistant secretary for infrastructure protection.

U.S. CERT will have four objectives:
  • Develop open standards for detection tools

  • Assure a 30-minute response time to cybersecurity threats

  • Improve coordination of warning and response information

  • Enhance detection methods.

One effect of creating U.S. CERT will be to consolidate the government's four separate watch centers for cyberevents, said Lawrence C. Hale, director of the Federal Computer Incident Response Center. The four watch centers are FedCIRC, the National Communications System, the former National Infrastructure Protection Center and the DHS watch center.

'All four will collapse into one location,' Hale said.

FedCIRC will retain its identity as an activity within U.S. CERT.

Sallie McDonald, acting director for outreach and awareness at the National Cyber Security Division, said the IAIP Directorate has hired SRA International Inc. of Arlington, Va., to support U.S. CERT.

To provide a forum for the private and public sectors, the department will host the IT Security Summit in November, Liscouski announced last week at a hearing of the House Select Homeland Security Subcommittee on Cybersecurity, Science and R&D.

'Our summit is going to involve not only those in the technology sector but across industries,' he said, but declined to give additional details.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above