DHS cyber division taking shape, despite concerns about waning influence

[InfoSec News <isn () c4i org>]

http://www.computerworld.com/securitytopics/security/story/0,10801,85589,00.html

Story by Dan Verton 
OCTOBER 01, 2003 
COMPUTERWORLD 

ANN ARBOR, Mich. -- A principal adviser to the new head of the
Department of Homeland Security's National Cyber Security Division
(NCSD) has reiterated that the division and its industry outreach
program remain key players at the DHS and that it has a direct line to
senior officials, including Secretary of Homeland Security Tom Ridge
and President Bush.  

Speaking here at the Digital Security Conference, Sallie McDonald, the
DHS's senior executive responsible for outreach and awareness efforts,
said yesterday that the NCSD "is properly placed within the
department" and has been described by Ridge as part of the "heartbeat
of the agency."

The conference was sponsored by Washtenaw Community College and the
Walsh College Information Assurance Center.

McDonald's comments follow recurring criticism from experts and former
administration officials who fear that the current cybersecurity
leadership has been buried too deep within the DHS bureacracy to be
effective. Critics fear that the agency may have lost some of its
influence with the departure this year of Richard Clarke, the former
chairman of the President's Critical Infrastructure Protection Board
and the nation's first de facto cybersecurity czar.

Those critics, including Clarke, have said repeatedly that not having
the ear of the president or Ridge could spell the loss of momentum on
the public/private cybersecurity partnership agenda.

A spokesman for the DHS said Amit Yoran, whose last day of official
employment at Symantec Corp. was yesterday, will take the helm at the
NCSD during the last week of this month. McDonald praised Yoran,
calling him the right person for the right job at the right time.

McDonald said the NCSD is now focused on reducing vulnerabilities
throughout the nation's critical infrastructures, establishing a
national response center at the newly formed US-CERT at Carnegie
Mellon University (see story), and developing a cybersecurity outreach
program targeted at small businesses and home users as well as large
companies.

The NCSD is also taking the lead on a cybersituation awareness project
that can conduct near-real-time analysis of incident data nationwide,
said McDonald. The division is currently working with SRI
International, Symantec and Computer Associates International Inc. to
develop an automated capability that would enable data to be shared
immediately with various private-sector-run Information Sharing and
Analysis Centers. The research and development effort includes plans
to build a nonproprietary system that would allow any organization in
the nation, regardless of IT infrastructure, to feed data into the
incident analysis system.

"We will be deploying this in the federal sector starting at the
US-CERT first so we can see in real time what is happening across the
nation," McDonald said.

She also hinted at a series of "big announcements" the DHS may make in
the next few months regarding its work with Internet service providers
on possibly offering users free firewalls. That move would be part of
an effort to simplify the security procedures for small businesses
that don't have large corporate IT staffs.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.