Cybersecurity

White House defends Einstein firewall

Michael Daniel speaking at the Atlantic Council's

Michael Daniel defended the multibillion-dollar Einstein program and said, "It's not something that we can walk away from."

Obama administration officials are defending the multibillion-dollar intrusion-detection program known as Einstein after a Government Accountability Office audit found it far from sufficient for federal cyber defense.

"I still find Einstein to be a very credible and solid piece of our defenses, and...it's not something that we can walk away from," Michael Daniel, President Barack Obama's top cybersecurity adviser, told reporters on Feb. 11.

The federal government operates an "incredible array of legacy systems that if we were in the private sector we would probably just write off," Daniel said at the New America think tank in Washington. "But the government can't just do that," he added while defending the need for the signature-based threat-detection program that is now in its third iteration.

The GAO report found that Einstein provides a "limited ability to detect potentially malicious activity entering and exiting computer networks at federal agencies." Furthermore, the program "does not monitor several types of network traffic, and its 'signatures' do not address threats that exploit many common security vulnerabilities and thus may be less effective."

Daniel would not comment when asked if he agreed with GAO's findings.

Phyllis Schneck, the Department of Homeland Security's deputy undersecretary for cybersecurity and communications, said Einstein draws on classified information to block intrusions, which gives the system an advantage over private-sector programs.

When she joined DHS from McAfee in 2013, she said set about studying the Einstein program and concluded that its underlying technology was sound but older than officials had assumed.

Nonetheless, the program's comprehensive view of inbound and outbound traffic at civilian agencies is vital because of the situational awareness it provides, Schneck said.

After the massive breach of Office of Personnel Management systems exposed the personal information of some 22 million people, administration officials touted Einstein as part of what they said was their proactive approach to cybersecurity.

In July 2015, DHS Secretary Jeh Johnson ordered the acceleration of Einstein's deployment at agencies. In a statement responding to GAO's new report on Einstein, he said the program's third iteration -- Einstein 3a -- is now available to "100 percent of the government" and has blocked more than 700,000 cyberthreats.

A confidential report by DHS and the FBI on lessons learned from the OPM hack advises that moving beyond a signature-based threat-detection system would increase an agency's ability to cope with sophisticated threats.

Administration officials have long emphasized that Einstein is only a tool and not a panacea. The program is part of much larger defense-in-depth strategy at federal agencies, Schneck said.

About the Author

Sean Lyngaas is an FCW staff writer covering defense, cybersecurity and intelligence issues. Prior to joining FCW, he was a reporter and editor at Smart Grid Today, where he covered everything from cyber vulnerabilities in the U.S. electric grid to the national energy policies of Britain and Mexico. His reporting on a range of global issues has appeared in publications such as The Atlantic, The Economist, The Washington Diplomat and The Washington Post.

Lyngaas is an active member of the National Press Club, where he served as chairman of the Young Members Committee. He earned his M.A. in international affairs from The Fletcher School of Law and Diplomacy at Tufts University, and his B.A. in public policy from Duke University.

Click here for previous articles by Lyngaas, or connect with him on Twitter: @snlyngaas.


Featured

  • Cybersecurity
    Shutterstock photo id 669226093 By Gorodenkoff

    The disinformation game

    The federal government is poised to bring new tools and strategies to bear in the fight against foreign-backed online disinformation campaigns, but how and when they choose to act could have ramifications on the U.S. political ecosystem.

  • FCW PERSPECTIVES
    sensor network (agsandrew/Shutterstock.com)

    Are agencies really ready for EIS?

    The telecom contract has the potential to reinvent IT infrastructure, but finding the bandwidth to take full advantage could prove difficult.

  • People
    Dave Powner, GAO

    Dave Powner audits the state of federal IT

    The GAO director of information technology issues is leaving government after 16 years. On his way out the door, Dave Powner details how far govtech has come in the past two decades and flags the most critical issues he sees facing federal IT leaders.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.