Chertoff outlines goals of national cybersecurity initiative
SAN FRANCISCO'Five years after formation of the Homeland Security Department, cybersecurity is becoming a major focus of the department, Secretary Michael Chertoff said Tuesday at the RSA Security conference.
The department has never completely ignored the area, he said in his remarks during the opening sessions of one of the nation's largest gathering of security professionals. He cited the National Cyber Security Division and US-CERT, the nation's primary early warning system for cyberthreats. CERT is good, but not sufficient, he said.
'The time has come to take a quantum leap forward' from CERT's reactive capabilities, he said.
That leap, Chertoff said, is embodied in the president's joint national security and homeland security directive creating a National Cyber Security Initiative.
'It is almost like a Manhattan Project to defend cyber networks,' he said, referring to the World War II crash project to develop an atomic weapon.
The secretary said the decentralized, asymmetrical nature of cyberthreats makes them particularly dangerous. Not only is cybercrime expanding, but he cited the risks of cyberterrorism capable of damage 'very much on a par' with the Sept. 11, 2001, attacks.
'We take the threats in the cyber world as seriously as we take threats in our real world,' he said. The department has devoted $115 million to cybersecurity activities in this year's budget, and has requested $190 million in the fiscal 2009 budget.
Art Coviello, president of RSA, the security division of EMC, called Chertoff's presence at this year's conference an example of the leadership role government finally is assuming in cybersecurity.
Chertoff said many of the activities under the Cyber Security Initiative are classified, but he outlined the initial goals of the initiative. These include:
- Reducing and consolidating the thousands of federal network Internet connections under the Trusted Internet Connections initiative. Reducing the number of connections to fewer than 100 could enable better control and monitoring of activities.
- Using the certification and accreditation authority of the Office and Management and Budget under the Federal Information Security Management Act to ensure that agencies establish watch-and-warning capabilities on their networks on a 24/7 basis, to improve cyber incident detection and response capabilities.
- Developing a faster process for detecting and responding to anomalous behavior on global networks, so that attacks can be spotted in a matter of minutes, not hours.
- Fully developing the potential of Einstein, the system used by US-CERT to spot problems on global networks.
Chertoff also said the first step in establishing an effective national cybersecurity strategy is for the government to 'get its own house in order,' and share its expertise and lessons learned with the private sector. He outlined three other critical elements in an effective strategy:
- Ensuring the trust and assurance of information technology components acquired for critical systems in a global marketplace.
- Better internal security and baking security into the culture of critical infrastructure organizations.
- Improving methods and technology for using security to improve online privacy, because the Internet has become an essential part of the nation's economy.
Chertoff asked for the private sector's help in meeting those goals, and assured businessmen that the administration has no interest in forcing more security regulation on the private sector.