Chertoff: Cyber defense must be wider

Cyberattacks against government and commercial networks aren't limited to traditional frontal attacks that attempt to create intrusion though vulnerabilities,  Homeland Security Secretary Michael Chertoff said today at an event sponsored by AFCEA.

“We have to ensure we’re protecting against the full spectrum of threats,” Chertoff said. “Everybody thinks about cybersecurity as network attacks, but we have to look end to end at the entire architecture to make sure we are in fact protecting ourselves.”

In a global economy where hardware and software are developed across the world, new and difficult-to-find vulnerabilities could affect government and commercial systems, he said.

Chertoff said the Bush administration has begun a foundation to help the incoming administration, adding, “I do think we’ve launched a strategy that is robust and that has laid out a major pathway. It has just started the process of moving us to a more secure cyberspace. We’ve got a lot of good coordination under our belts.” His remarks came at the fourth installment of AFCEA’s Solutions Series forums.

An educated workforce is important in fighting the new threats, Chertoff said. “We have to shape the future environment by educating the next generation of cyber professionals and by [doing that], looking to see if we can spur leap-ahead technology to protect our cyber assets and interests.”

Another important step needed to protect cyber systems is to recognize that civilian domains have literally thousands of points of access to the Internet.

“We need to reduce that number of trusted Internet connections so we can get a handle on the flow of traffic that it is coming in and out of the federal domain,” Chertoff said.

Chertoff also warned that the nation's economic downturn could increase cyber attacks by insiders, saying a disgruntled insider could use a thumb drive in an organization’s enterprise to steal information or passwords.

“This is likely to become an increasing risk in an environment where people are being, I guess they say, downsized, because sometimes people aren’t happy about having their jobs terminated,” Chertoff said. “They may decide to manifest that unhappiness in a destructive way. This is really low-tech stuff, but equally important.”

About the Author

Doug Beizer is a staff writer for Federal Computer Week.

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.