DHS reveals some plans on cybersecurity effort

The Homeland Security Department has released more information about its role in the highly classified Comprehensive National Cybersecurity Initiative (CNCI). However, much still remains unknown about the multiyear, multiagency effort to secure federal cyber networks. DHS plays a leading role in the CNCI.

In one area, DHS said it initially would judge CNCI’s execution on how quickly intrusion detection sensors are deployed throughout the federal government's information technology networks. The sensors are part of the EINSTEIN system that DHS uses to track unauthorized access into agencies'  networks.

Many of the details of the initiative remain classified, and the Senate Homeland Security and Governmental Affairs Committee in May asked DHS for further clarification on its roles in the CNCI. The committee released a redacted version of DHS' original answers to those questions July 31.

President Bush launched the initiative with a classified presidential directive in January and since then when asked about CNCI, DHS officials have mentioned EINSTEIN's efforts, as well as the Office of Management and Budget’s efforts to reduce the government's number of Internet connections.

The department is planning on implementing a new version of the intrusion detection and alert system — EINSTEIN 2 — designed monitor agencies’ Internet access points for malicious activity and capture intrusion data along with data transmitted in proximity to an alert. Officials also outlined steps they were taking to ensure that personally identifiable information was not put at risk by the new enhanced sensors.

DHS published a privacy impact assessment on the program in May and plans to begin deployment of the new system later this summer. DHS said it would not release publicly any data on plans or upgrades to the EINSTEIN program because they were classified.

DHS did not announce any additional programs and gave little in the way of specific details on how the CNCI would be carried out. However, the answers did provide information about how the department plans to judge the success of the program.

To measure CNCI’s success, DHS told the Senate committee it is also considering measuring:



  • The resolution rate of cyber incidents.

  • The average resolution time for reported incidents.

  • The average time needed to publish cyber alerts.

  • The number of education programs that DHS is conducting.

  • The number of planning tests and exercises conducting by civilian agencies.



The answers to questions regarding contractors’ roles in the department's cybersecurity efforts were almost entirely removed from the version released to the public. Some lawmakers have expressed anxiety over how heavily contractors would be relied on in the initiative.

DHS did say that to implement the unclassified portions of CNCI, it is also in the process of converting 50 contractor employees to federal positions.

About the Author

Ben Bain is a reporter for Federal Computer Week.

Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.