Chertoff: Cyber defense must be wider
- By Doug Beizer
- Dec 10, 2008
Cyberattacks against government and commercial networks aren't limited
to traditional frontal attacks that attempt to create intrusion though
vulnerabilities, Homeland Security Secretary Michael Chertoff said
today at an event sponsored by AFCEA.
“We have to ensure we’re
protecting against the full spectrum of threats,” Chertoff said.
“Everybody thinks about cybersecurity as network attacks, but we have
to look end to end at the entire architecture to make sure we are in
fact protecting ourselves.”
In a global economy where hardware
and software are developed across the world, new and difficult-to-find
vulnerabilities could affect government and commercial systems, he
Chertoff said the Bush administration has begun a
foundation to help the incoming administration, adding, “I do think
we’ve launched a strategy that is robust and that has laid out a major
pathway. It has just started the process of moving us to a more secure
cyberspace. We’ve got a lot of good coordination under our belts.” His
remarks came at the fourth installment of AFCEA’s Solutions Series
An educated workforce is important in fighting the new
threats, Chertoff said. “We have to shape the future environment by
educating the next generation of cyber professionals and by [doing
that], looking to see if we can spur leap-ahead technology to protect
our cyber assets and interests.”
Another important step needed
to protect cyber systems is to recognize that civilian domains have
literally thousands of points of access to the Internet.
need to reduce that number of trusted Internet connections so we can
get a handle on the flow of traffic that it is coming in and out of the
federal domain,” Chertoff said.
Chertoff also warned that the
nation's economic downturn could increase cyber attacks by insiders,
saying a disgruntled insider could use a thumb drive in an
organization’s enterprise to steal information or passwords.
is likely to become an increasing risk in an environment where people
are being, I guess they say, downsized, because sometimes people aren’t
happy about having their jobs terminated,” Chertoff said. “They may
decide to manifest that unhappiness in a destructive way. This is
really low-tech stuff, but equally important.”
Doug Beizer is a staff writer for Federal Computer Week.