Which intrusion is worse?

The debate over a federal intrusion- detection system — which would collect

data on information security breaches and then distribute warnings governmentwide — should not center on whether the government needs such a system but on

how it should be built.

Unfortunately, such a system — once called the Federal Intrusion Detection

Network and now named the Automated Intrusion Detection Capability — faces

several formidable obstacles. The technology required would be some of the

most advanced available. But agencies worry about retributions that may

come from submitting embarrassing security breaches to an outside agency.

And Congress wrings its hands over a system that may open up Americans'

private transactions with government to outside eyes.But the fact of the

matter is that such a system is needed to protect private data such as Social

Security numbers, individual health data, and nuclear weapons information.

As government conducts more business online, an effective system that

monitors cyberattacks and gets the word out on how best to patch security

holes will be needed more than ever.

To be sure, certain privacy concerns — especially concerning when and

how law enforcement agencies such as the FBI will be involved when cyberattacks

are reported — must be carefully thought out. As pointed out by a security

expert in this week's cover story (Page 18), the government doesn't want

another Wen Ho Lee incident, in which the government's zeal to secure computers

overruns individuals' rights. But those who oppose the monitoring system

for privacy reasons put at risk the very privacy they seek to protect.

Officials with the Critical Information Assurance Office have met with

several members of Congress and their staffs to allay privacy concerns and

explain exactly what the monitoring system will and will not do. The CIAO

may think about doing the same with agencies and offer assurances about

how the security data they submit to it will be used.

If Congress genuinely believes in protecting Americans' privacy, it

must adequately fund a security monitoring system. And if agencies want

to do the same, they should support the system, too.

About the Author

Connect with the FCW staff on Twitter @FCWnow.

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.