Feeds

Lawmakers voice concerns over cybersecurity plan

Too little too late?

Boost IT visibility and business value

Members of the House of Representatives sought details on Thursday of a $30bn plan to secure federal government systems and upgrade network defenses to ward off attacks from foreign nations and online criminals.

Known as the Cyber Initiative, the Bush Administration project would dramatically reduce the number of interconnections between federal government networks and the internet and put more advanced network security in place to monitor data traffic for signs of malicious attacks.

While the five to seven year project could dramatically improve the network defenses of government agencies, lawmakers questioned whether the initiative will be too little, too late, and whether the resulting network monitoring could undermine privacy.

"It's hard to believe that this Administration now believes it has the answers to secure our federal networks and critical infrastructure," Representative Bennie Thompson (D-MS), chairman of the House Committee on Homeland Security, said in prepared remarks at the opening of the hearing on Thursday. "I believe cybersecurity is a serious problem - maybe the most complicated national security issue in terms of threat and jurisdiction. This problem will be with us for decades to come."

The US government gave short shrift to cybersecurity issues at the beginning of the decade. While the Bush Administration released its National Strategy to Secure Cyberspace in 2003, the final document significantly softened the government's stance on securing critical infrastructure, which is primarily maintained by private companies. The Administration also collected most of the cybersecurity capabilities into the Department of Homeland Security and then failed to fund the efforts.

While Congress established the position of Assistant Secretary for Cybersecurity within the DHS in 2005, the Bush Administration failed to fill the leadership role for more than a year, finally appointing Greg Garcia, a former information-technology lobbyist, to the post.

In the last two years, however, the Bush Administration has focused more intently on securing government networks. The US computer emergency readiness team (US-CERT) has deployed a network-traffic analysis system, EINSTEIN, to monitor 15 agencies for possible computer intrusions.

The National Institute of Standards and Technology has created the National Vulnerability Database and worked with other agencies to create important standards for configuration management and vulnerability detection.

The Office of Management and Budget, along with NIST, is spearheading an effort to get all desktop computer systems within federal agencies to use the Federal Desktop Core Configuration - a standard, secure configuration for Windows XP and Windows Vista.

Build a business case: developing custom apps

More from The Register

next story
Just TWO climate committee MPs contradict IPCC: The two with SCIENCE degrees
'Greenhouse effect is real, but as for the rest of it ...'
'Blow it up': Plods pop round for chat with Commonwealth Games tweeter
You'd better not be talking about the council's housing plans
Arrr: Freetard-bothering Digital Economy Act tied up, thrown in the hold
Ministry of Fun confirms: Yes, we're busy doing nothing
Help yourself to anyone's photos FOR FREE, suggests UK.gov
Copyright law reforms will keep m'learned friends busy
Apple smacked with privacy sueball over Location Services
Class action launched on behalf of 100 million iPhone owners
Adam Afriyie MP: Smart meters are NOT so smart
Mega-costly gas 'n' 'leccy totting-up tech not worth it - Tory MP
Yes, Australia's government SHOULD store comms metadata
Not because it's a good idea but because it already operates the infrastructure and processes to do it well
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.