Bring back detection system
About a year ago, the federal government caved to political pressure and killed a plan to create a governmentwide system for monitoring agency networks for security breaches. Controversy killed the program, now common sense should bring it back.
The system, originally dubbed the Federal Intrusion Detection Network (FIDNet), failed to win the backing of agency officials, who blanched at the idea of turning over such sensitive information to an outside party. The proposal also provoked an outcry from privacy advocates, who feared that it would be used to monitor the activities of private individuals conducting business with agencies online.
No one should blame the General Services Administration, which formulated the plan, for giving it up last time. The dearth of support inside government made it tough to withstand the criticism, warranted or not, from the outside.
But the stakes are higher now. Security experts tell us that in recent years, traditional conflicts among countries almost always have been followed by cyberattacks on government systems and that there's no reason to expect the current conflict will be any different.
A governmentwide intrusion- detection network is a potentially power.ful defense. Data collected by such a system would make it easier for security experts to analyze patterns of attack and formulate the best response. Numerous agencies have installed their own such systems, but those systems will never realize the full benefits that a governmentwide system would bring.
Statistically speaking, individual agencies have much less data to analyze, making it more difficult to detect patterns. Politically speaking, a central office set up to analyze data would be much more likely to relay information about attacks on one agency to other agencies, so they can take preventive measures.
People who already are concerned about the erosion of privacy in the wake of homeland security undoubtedly would not welcome the return of FIDNet. But such a concept is the best available tool for keeping up with the constantly evolving nature of cyberthreats, and it does not have to compromise privacy. Given the real urgency behind network security these days, it would be worth the government's while to make its case and make it stick this time.