DHS reveals some plans on cybersecurity effort

The Homeland Security Department has released more information about its role in the highly classified Comprehensive National Cybersecurity Initiative (CNCI). However, much still remains unknown about the multiyear, multiagency effort to secure federal cyber networks. DHS plays a leading role in the CNCI.

In one area, DHS said it initially would judge CNCI’s execution on how quickly intrusion detection sensors are deployed throughout the federal government's information technology networks. The sensors are part of the EINSTEIN system that DHS uses to track unauthorized access into agencies'  networks.

Many of the details of the initiative remain classified, and the Senate Homeland Security and Governmental Affairs Committee in May asked DHS for further clarification on its roles in the CNCI. The committee released a redacted version of DHS' original answers to those questions July 31.

President Bush launched the initiative with a classified presidential directive in January and since then when asked about CNCI, DHS officials have mentioned EINSTEIN's efforts, as well as the Office of Management and Budget’s efforts to reduce the government's number of Internet connections.

The department is planning on implementing a new version of the intrusion detection and alert system — EINSTEIN 2 — designed monitor agencies’ Internet access points for malicious activity and capture intrusion data along with data transmitted in proximity to an alert. Officials also outlined steps they were taking to ensure that personally identifiable information was not put at risk by the new enhanced sensors.

DHS published a privacy impact assessment on the program in May and plans to begin deployment of the new system later this summer. DHS said it would not release publicly any data on plans or upgrades to the EINSTEIN program because they were classified.

DHS did not announce any additional programs and gave little in the way of specific details on how the CNCI would be carried out. However, the answers did provide information about how the department plans to judge the success of the program.

To measure CNCI’s success, DHS told the Senate committee it is also considering measuring:

  • The resolution rate of cyber incidents.

  • The average resolution time for reported incidents.

  • The average time needed to publish cyber alerts.

  • The number of education programs that DHS is conducting.

  • The number of planning tests and exercises conducting by civilian agencies.

The answers to questions regarding contractors’ roles in the department's cybersecurity efforts were almost entirely removed from the version released to the public. Some lawmakers have expressed anxiety over how heavily contractors would be relied on in the initiative.

DHS did say that to implement the unclassified portions of CNCI, it is also in the process of converting 50 contractor employees to federal positions.

About the Author

Ben Bain is a reporter for Federal Computer Week.


    sensor network (agsandrew/Shutterstock.com)

    Are agencies really ready for EIS?

    The telecom contract has the potential to reinvent IT infrastructure, but finding the bandwidth to take full advantage could prove difficult.

  • People
    Dave Powner, GAO

    Dave Powner audits the state of federal IT

    The GAO director of information technology issues is leaving government after 16 years. On his way out the door, Dave Powner details how far govtech has come in the past two decades and flags the most critical issues he sees facing federal IT leaders.

  • FCW Illustration.  Original Images: Shutterstock, Airbnb

    Should federal contracting be more like Airbnb?

    Steve Kelman believes a lighter touch and a bit more trust could transform today's compliance culture.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.