Cybersecurity

DHS rolls out Einstein intrusion detection

einstein

The Homeland Security Department went live this week with its Einstein 3 automated intrusion detection system, the latest iteration of a continuous monitoring program designed to protect government agencies from malicious cyber activities.

Einstein 3 builds on the two previous versions of the DHS-managed security service, now offering capabilities that go beyond observing network information flow and signature-based threat detection. The new form of the program works with Internet service providers to detect malicious traffic and stop it. The program additionally provides officials with key decision-making information shared among participating organizations.

"We're going to get a lot of perimeter information from Einstein 3," Bobbie Stempfley, acting assistant secretary of DHS' Office of Cybersecurity and Communications, said at an industry event in Washington on July 24, the day of the roll-out. "We've got these information exchanges that we do with departments and agencies, with companies. We get information in, we share that back out with security operations centers across the enterprise and with the other security centers in the critical infrastructure entities. So we've got this information flowing that's actionable, it's good. We have to make decisions – information is useful only when it's actionable and when it helps you make better decisions."

Einstein initially launched in 2004, with Einstein 2 following in 2008. Einstein 2 is deployed at roughly 70 government agencies, and is expected to be fielded at 70 percent of executive branch agencies by the end of fiscal 2013, according to FCW sister publication GCN.

Stempfley declined to identify the first agency to go live with Einstein 3, but she did say the Veterans Affairs Department would be the next, most likely by mid-August.

DHS provides the continuous diagnostics and mitigation services to users that enter into memorandums of agreement. So far, 20 of 23 of major departments and agencies have signed the MOAs – a major feat for federal cybersecurity, Stempfley said

"Three years ago when I walked in the door and we were working on Einstein, I could not have said that," she said. "We're in a different place now. ... Thankfully we're in a place where everybody cares about cybersecurity. We have a ready and waiting audience for when the capability comes out."

Moving away from simple compliance and into more active defense is critical, and the conversations happening today – conversations that not so long ago were not taking place – illustrate the level of buy-in by leadership, she said.

"Let's mature ourselves as a community; let's have not just the technical conversation, but have the more advanced, direct conversations that enable us to make decisions, using all this information," Stempfley said. "As we transition from what we did in the past, our score or grade from the past, to what we're going to be able to do in the future, you have to have all of that insight. We're having these discussions across agencies and we're happy to have the dialog with executives at that CIO level."

 

About the Author

Amber Corrin is a former staff writer for FCW and Defense Systems.

The Fed 100

Save the date for 28th annual Federal 100 Awards Gala.

Featured

  • computer network

    How Einstein changes the way government does business

    The Department of Commerce is revising its confidentiality agreement for statistical data survey respondents to reflect the fact that the Department of Homeland Security could see some of that data if it is captured by the Einstein system.

  • Defense Secretary Jim Mattis. Army photo by Monica King. Jan. 26, 2017.

    Mattis mulls consolidation in IT, cyber

    In a Feb. 17 memo, Defense Secretary Jim Mattis told senior leadership to establish teams to look for duplication across the armed services in business operations, including in IT and cybersecurity.

  • Image from Shutterstock.com

    DHS vague on rules for election aid, say states

    State election officials had more questions than answers after a Department of Homeland Security presentation on the designation of election systems as critical U.S. infrastructure.

  • Org Chart Stock Art - Shutterstock

    How the hiring freeze targets millennials

    The government desperately needs younger talent to replace an aging workforce, and experts say that a freeze on hiring doesn't help.

  • Shutterstock image: healthcare digital interface.

    VA moves ahead with homegrown scheduling IT

    The Department of Veterans Affairs will test an internally developed scheduling module at primary care sites nationwide to see if it's ready to service the entire agency.

  • Shutterstock images (honglouwawa & 0beron): Bitcoin image overlay replaced with a dollar sign on a hardware circuit.

    MGT Act poised for a comeback

    After missing in the last Congress, drafters of a bill to encourage cloud adoption are looking for a new plan.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group