FBI information systems still at 'substantial risk,' officials say

[InfoSec News <isn () c4i org>]

http://www.govexec.com/dailyfed/0402/040902td1.htm

By Maureen Sirhal
National Journal's Technology Daily 
April 9, 2002 

The FBI runs major risks of having its information systems infiltrated 
despite the agency's recent overhaul efforts, top FBI officials said 
Tuesday.

After the capture of Robert Hanssen, who worked at the FBI for more 
than 20 years while spying for the Soviet Union, the FBI has taken 
steps to bolster its security and revamp its information management 
practices. But Kenneth Senser, the FBI's assistant director for 
security, told members of the Senate Judiciary Committee that the 
agency, along with other U.S. intelligence departments, still suffers 
from the threat of security breaches. 

"I think we are still at substantial risk relative to what we have to 
do," Senser said. "I do think this is a period of time that we will 
have to build expertise [to] ... bring the matter under control." 

But he noted that the bureau has a greater chance today than a year 
ago of finding a potential spy. 

Committee Chairman Patrick Leahy, D-Vt., said it is vital that the FBI 
take measures to properly secure sensitive data, especially national 
security information obtained through Foreign Intelligence Security 
Act (FISA) searches. 

"I cannot underscore how much attention I want given to this," he 
said. In light of new surveillance powers granted to the FBI under 
anti-terrorism legislation, Leahy said the FBI must repair its 
handling of intelligence data and follow proper procedures. 

Sen. Richard Durbin, D-Ill., expressed dismay over the weak state of 
information technology at the bureau revealed by the Commission for 
the Review of FBI Security Programs, also known as the Webster 
Commission. Former FBI Director Louis Freeh convened the commission to 
comprehensively review the securities lapses at the FBI and make 
recommendations. 

Durbin chastised the Office of Management and Budget, which he said 
was trying to thwart new spending initiatives to bolster technology 
capabilities at the FBI. 

Judge William Webster, the former director of the FBI and CIA who 
chaired the commission, cited the need to integrate security into the 
bureau's daily procedures. That requires better education and training 
of employees, as well as an improved information system, he said.

He noted that such precautions might have snared Hanssen earlier, and 
he applauded provisions of a bill, S. 1974, that would implement many 
of the Webster Commission's recommendations. 

The FBI officials highlighted measures taken to bolster security, such 
as the creation of counter-intelligence and security divisions. The 
FBI also is improving worker training and making greater efforts to 
modernize its computer and data systems. Senser noted that the agency 
is readying its information systems to eventually support technologies 
such as a public key infrastructure. 

Senser said the FBI has not conducted a "big picture" cost analysis of 
necessary funds to enhance its security. Congress has allocated more 
than $56 million to the bureau as part of the counter-terrorism 
supplemental package enacted shortly after the Sept. 11 terrorist 
attacks. The FBI requested $78 million for fiscal 2003 to bolster data 
management.

Sen. Mike DeWine, R-Ohio, said that although Congress would hear the 
FBI's concerns, the burden of boosting the historically underfunded 
FBI would fall to the agency. 



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.