Chertoff: Cyber defense must be wider

Cyberattacks against government and commercial networks aren't limited to traditional frontal attacks that attempt to create intrusion though vulnerabilities,  Homeland Security Secretary Michael Chertoff said today at an event sponsored by AFCEA.

“We have to ensure we’re protecting against the full spectrum of threats,” Chertoff said. “Everybody thinks about cybersecurity as network attacks, but we have to look end to end at the entire architecture to make sure we are in fact protecting ourselves.”

In a global economy where hardware and software are developed across the world, new and difficult-to-find vulnerabilities could affect government and commercial systems, he said.

Chertoff said the Bush administration has begun a foundation to help the incoming administration, adding, “I do think we’ve launched a strategy that is robust and that has laid out a major pathway. It has just started the process of moving us to a more secure cyberspace. We’ve got a lot of good coordination under our belts.” His remarks came at the fourth installment of AFCEA’s Solutions Series forums.

An educated workforce is important in fighting the new threats, Chertoff said. “We have to shape the future environment by educating the next generation of cyber professionals and by [doing that], looking to see if we can spur leap-ahead technology to protect our cyber assets and interests.”

Another important step needed to protect cyber systems is to recognize that civilian domains have literally thousands of points of access to the Internet.

“We need to reduce that number of trusted Internet connections so we can get a handle on the flow of traffic that it is coming in and out of the federal domain,” Chertoff said.

Chertoff also warned that the nation's economic downturn could increase cyber attacks by insiders, saying a disgruntled insider could use a thumb drive in an organization’s enterprise to steal information or passwords.

“This is likely to become an increasing risk in an environment where people are being, I guess they say, downsized, because sometimes people aren’t happy about having their jobs terminated,” Chertoff said. “They may decide to manifest that unhappiness in a destructive way. This is really low-tech stuff, but equally important.”

About the Author

Doug Beizer is a staff writer for Federal Computer Week.

Featured

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

  • IT Modernization
    Blue Signage and logo of the U.S. Department of Veterans Affairs

    VA plans 'strategic review' of $16B software program

    New Veterans Affairs chief Denis McDonough announced a "strategic review" of the agency's Electronic Health Record Modernization program of up to 12 weeks.

Stay Connected