Information Security News mailing list archives

Feds Getting IT Together


From: InfoSec News <isn () c4i org>
Date: Tue, 5 Nov 2002 06:09:19 -0600 (CST)

http://www.eweek.com/article2/0,3959,666804,00.asp

By Dennis Fisher and Caron Carlson 
November 4, 2002 

Government security officials have begun a new era of interagency
cooperation that has led to unprecedented levels of information
sharing. And while the high-level meetings have strengthened
government security capabilities, they have also highlighted
shortcomings in a key part of the data gathering and analysis
processes.

The movement inside the government comes as the White House faces
continued pressure to narrow the National Strategy to Secure
Cyberspace to focus on systems that are most vulnerable to terrorist
threats. Security insiders say provisions for home computer users and
small businesses should be revisited in a revised draft that is due to
be released by the end of the year.

As that debate continues, the heads of several federal security
organizations - including the Federal Computer Incident Response
Center, the Critical Infrastructure Assurance Office and the National
Infrastructure Protection Center - have begun meeting regularly to
coordinate their activities and establish ground rules for information
sharing.

The meetings represent a significant step forward in the government's
handling of vulnerability information. In the past, the various
organizations have operated independently, often duplicating efforts
and squabbling over responsibility, insiders say.

"The leaders are already working together and have made remarkable
steps in improving information sharing," said Marcus Sachs, director
for communication infrastructure protection in the White House Office
of Cyberspace Security here. "It's like an alcoholic admitting a
problem. We're past that now."

In addition to their own meetings, the leaders of FedCIRC, NIPC and
the other bodies are urging their employees to begin talking to one
another as well. They're working under the assumption that they will
be co-workers soon and should develop good rapport, Sachs said.

Under the proposed Department of Homeland Security, the government's
disparate information security organizations would be combined into
one body, with the exception of some personnel from the NIPC, who
would remain at the FBI. The bill authorizing the funding of the new
department is stalled in the U.S. Senate, and Sachs said he doesn't
expect it to be approved until late spring or early summer of next
year.

The new move toward cooperation has, however, pointed out some
inherent shortcomings in the way organizations gather and share data
on attacks and vulnerabilities. A major component of the existing
system is the network of industry-specific Information Sharing and
Analysis Centers that are supposed to gather information from members
and forward it to government and law enforcement officials for
correlation.

Members are encouraged to submit information on attacks and security
breaches so that other members can get an early warning of impending
problems. The data is stripped of identifying information before it is
passed. But, in practice, the process seldom works.

"No one contributes data because they're too lazy," said Mark Rasch,
senior vice president and chief security counsel at Solutionary Inc.,
in Omaha, Neb. "There's no one whose job it is to share information
with the competition."

In addition, as government officials scramble to improve their own
security infrastructure, they're also facing tough questions about
whether the national strategy should be more focused on national and
international priorities and less on educating home users.

"We don't have any intention of removing [the section on home users],"  
Howard Schmidt, vice chairman of the President's Critical
Infrastructure Protection Board, told eWeek. "Once [home users] turn
that system on, they're part of the network."


