Hearing airs gaps on cyberalerts, infrastructure data
- By Wilson P. Dizard III
- Apr 21, 2004
Federal agencies continue to issue uncoordinated cyberalerts and its lists of critical infrastructure assets are sadly lacking, according to speakers at a House hearing today.
Witness George C. Newstrom, Virginia's secretary of technology and chair of the National Association of State CIOs security committee, condemned the uncoordinated cyberalerts.
Newstrom said agencies other than the Homeland Security Department, 'particularly those in the departments of Justice and Health and Human Services, are issuing cyberalerts to their state and local programmatic counterparts, which are not incorporated into the National Cyber Security Division of DHS alert products.'
After the hearing, Newstrom said DHS and other federal agencies had improved their cyberalert methods in recent months.
Newstrom spoke before a hearing held by the House Homeland Security Select Committee's Subcommittee on Cybersecurity, Science, Research and Development, and the Subcommittee on Infrastructure and Border Security.
Newstrom said NASCIO would be willing to help DHS cybersecurity officials such as NCSD director Amit Yoran and members of the Federal Chief Security Officers Council develop a coordinated and consistent intergovernmental warning process across all levels of government.
DHS assistant secretary for infrastructure protection Robert Liscouski, speaking alongside Newstrom, said federal agencies in recent months had coordinated the content, if not the distribution, of their cyberalerts. He added that, 'In the past there were gaps in our information flow'we addressed that quickly with the FBI, and now messages are cleared by both agencies.' DHS still is working with other agencies to coordinate the flow of federal cybersecurity alerts, Liscouski said.
The lengthy hearing erupted into tumult when Rep. Norm Dicks (D-Wash.) confronted Liscouski with a classified list of critical infrastructure assets in his state that he said left out important places such as the facilities of Microsoft Corp., Boeing Co., the Puget Sound Naval Shipyard and several sports stadiums. Liscouski's directorate is responsible for assembling critical infrastructure data, including lists of major assets around the country.
Dicks waved a sheet of paper he said had been provided to him by Washington adjutant general Timothy J. Lowenberg. 'This list is the most pathetic thing I have ever seen,' Dicks said sharply. 'I've been in Congress 28 years and this is the most pathetic thing I have ever seen!'
Liscouski said, 'We typically don't discuss things on this [classified] list' in public. Dicks retorted, 'Why is this thing so screwed up? I don't get any sense of urgency here!'
Rep. Dave Camp (R-Mich.), chairman of the infrastructure and border security subcommittee, said the department had held a classified briefing for members to review the list. Rep. Mac Thornberry (R-Texas), chairman of the cybersecurity subcommittee, expressed concern about 'classified lists floating around.'
Liscouski said he would discuss the list with Dicks in a classified setting.