Homeland Chief Outlines U.S. Cybersecurity Strategy
U.S. Department of Homeland Security Secretary Janet Napolitano outlined the steps DHS is taking to secure cyberspace at the RSA Conference 2010 in San Francisco on Wednesday. The former governor of Arizona also called upon experts and the public to contribute ideas to improve the nation's cybersecurity.
"All Americans have an important role to play in securing our computer systems and cyber networks," Napolitano said. "We are challenging our nation's best and brightest to utilize their expertise and creativity to devise new ways to engage the public in the shared responsibility of safeguarding our cyber resources and information."
Boosting Infrastructure Security
In her keynote address, Napolitano stressed DHS's dedication to recruiting and retaining the cybersecurity employees needed to confront terrorist and criminal threats. Moreover, she emphasized the department's commitment to supporting innovations such as EINSTEIN -- an intrusion detection program originally developed by US-CERT, the department's computer emergency readiness team.
"In the past year we've deployed the second phase of EINSTEIN to 11 federal agencies, and we will be growing to 21 this year," Napolitano noted. "And now we are testing the technology for the third phase of EINSTEIN," which will give DHS "the ability to detect malicious activity and disable attempted intrusions before harm is done to our critical systems."
Ensuring U.S. government continuity as well as private-sector services and information -- even as it protects privacy -- are among the important tasks DHS now faces, Napolitano said. To meet these challenges, DHS has developed "a national cybersecurity incident response plan in full collaboration with the private sector" that will be tested during an exercise in September.
What's more, DHS efforts continue to focus on "providing the ability to bounce back even more quickly should a large-scale attack -- or really an attack of any size -- occur," Napolitano said. To this end, DHS has "made significant progress in helping to secure the automated control systems for the nation's critical infrastructure," she added.
However, the nation still needs to undertake a massive effort "on the civilian private-sector side if we are truly going to exist in a secure cyber environment in this century," Napolitano observed. "The president himself has described our networks and the hardware that supports them as strategic national assets, and he has called the growing number of attacks on those networks one of the most serious economic and security threats that our nation faces."
Enhancing Public Awareness
Building a secure cyber environment is as much about people, habits and culture as it is about machines, Napolitano told conference attendees. "Even the most elegant technological solution will ultimately fail unless it has the support of talented professionals and of a public that understands how to stay safe when online," she said.
To help the nation meet the cybersecurity challenges ahead, DHS launched a new initiative Wednesday that calls upon experts as well as private individuals to contribute their ideas for enhancing public awareness about the importance of safeguarding the nation's computer systems and cyber networks.
"All the thinking and strategizing" that goes on within DHS itself "is very nice," Napolitano said, "but what that does not communicate is the sense of urgency and speed in which our nation needs to work and needs to act."
She also called upon security experts in the private sector for help in three key areas: "We have to get to an IT ecosystem that offers automation of security so we can react at Internet speed; interoperability, so that there are no technical barriers to security cooperation; and privacy-enhancing authentication, so that we can better protect our systems."
Posted: 2010-03-10 @ 12:37pm PT
Try the US-CERT site. It has a spot for input.
Posted: 2010-03-04 @ 6:55pm PT
I sent 9 emails to 3 different e-mail addresses on the Homeland security site (set up for the type of input I was giving) and a registered letter directly to Janet Napolitano advising her I had figured out how to end e-mail spam.
Not only did I not get an inquiry I didn't even get an acknowledgement. So much for her interest in public input: it's words in the air with no meaning.
Too bad if someone reports a terrorist threat to Homeland security, she may choose to ignore that, too.
The same goes for the FBI, DOJ, FTC, White Collar Crime Centre, White House and President. If there is a department in the US government actually interested in cybersecurity I'd love to know it's name.