DHS reveals some plans on cybersecurity effort

The Homeland Security Department has released more information about its role in the highly classified Comprehensive National Cybersecurity Initiative (CNCI). However, much still remains unknown about the multiyear, multiagency effort to secure federal cyber networks. DHS plays a leading role in the CNCI.

In one area, DHS said it initially would judge CNCI’s execution on how quickly intrusion detection sensors are deployed throughout the federal government's information technology networks. The sensors are part of the EINSTEIN system that DHS uses to track unauthorized access into agencies'  networks.

Many of the details of the initiative remain classified, and the Senate Homeland Security and Governmental Affairs Committee in May asked DHS for further clarification on its roles in the CNCI. The committee released a redacted version of DHS' original answers to those questions July 31.

President Bush launched the initiative with a classified presidential directive in January and since then when asked about CNCI, DHS officials have mentioned EINSTEIN's efforts, as well as the Office of Management and Budget’s efforts to reduce the government's number of Internet connections.

The department is planning on implementing a new version of the intrusion detection and alert system — EINSTEIN 2 — designed monitor agencies’ Internet access points for malicious activity and capture intrusion data along with data transmitted in proximity to an alert. Officials also outlined steps they were taking to ensure that personally identifiable information was not put at risk by the new enhanced sensors.

DHS published a privacy impact assessment on the program in May and plans to begin deployment of the new system later this summer. DHS said it would not release publicly any data on plans or upgrades to the EINSTEIN program because they were classified.

DHS did not announce any additional programs and gave little in the way of specific details on how the CNCI would be carried out. However, the answers did provide information about how the department plans to judge the success of the program.

To measure CNCI’s success, DHS told the Senate committee it is also considering measuring:

  • The resolution rate of cyber incidents.

  • The average resolution time for reported incidents.

  • The average time needed to publish cyber alerts.

  • The number of education programs that DHS is conducting.

  • The number of planning tests and exercises conducting by civilian agencies.

The answers to questions regarding contractors’ roles in the department's cybersecurity efforts were almost entirely removed from the version released to the public. Some lawmakers have expressed anxiety over how heavily contractors would be relied on in the initiative.

DHS did say that to implement the unclassified portions of CNCI, it is also in the process of converting 50 contractor employees to federal positions.

About the Author

Ben Bain is a reporter for Federal Computer Week.


  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.