Chertoff: Cyber defense must be wider

Cyberattacks against government and commercial networks aren't limited to traditional frontal attacks that attempt to create intrusion though vulnerabilities,  Homeland Security Secretary Michael Chertoff said today at an event sponsored by AFCEA.

“We have to ensure we’re protecting against the full spectrum of threats,” Chertoff said. “Everybody thinks about cybersecurity as network attacks, but we have to look end to end at the entire architecture to make sure we are in fact protecting ourselves.”

In a global economy where hardware and software are developed across the world, new and difficult-to-find vulnerabilities could affect government and commercial systems, he said.

Chertoff said the Bush administration has begun a foundation to help the incoming administration, adding, “I do think we’ve launched a strategy that is robust and that has laid out a major pathway. It has just started the process of moving us to a more secure cyberspace. We’ve got a lot of good coordination under our belts.” His remarks came at the fourth installment of AFCEA’s Solutions Series forums.

An educated workforce is important in fighting the new threats, Chertoff said. “We have to shape the future environment by educating the next generation of cyber professionals and by [doing that], looking to see if we can spur leap-ahead technology to protect our cyber assets and interests.”

Another important step needed to protect cyber systems is to recognize that civilian domains have literally thousands of points of access to the Internet.

“We need to reduce that number of trusted Internet connections so we can get a handle on the flow of traffic that it is coming in and out of the federal domain,” Chertoff said.

Chertoff also warned that the nation's economic downturn could increase cyber attacks by insiders, saying a disgruntled insider could use a thumb drive in an organization’s enterprise to steal information or passwords.

“This is likely to become an increasing risk in an environment where people are being, I guess they say, downsized, because sometimes people aren’t happy about having their jobs terminated,” Chertoff said. “They may decide to manifest that unhappiness in a destructive way. This is really low-tech stuff, but equally important.”

About the Author

Doug Beizer is a staff writer for Federal Computer Week.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.