Homeland cybersecurity plans hailed

Department of Homeland Security

Cybersecurity officials praised the Bush administration's plans for the Information Analysis and Infrastructure Protection Division in the proposed Homeland Security Department, but warned that the details of fitting many organizations together must be carefully considered.

Testifying before the House Government Reform Committee June 11, the leaders of the Critical Infrastructure Assurance Office (CIAO) and members of the FBI's Cyber Division said that bringing together the many organizations involved in protection and analysis will strengthen the cooperation that they had begun fostering during the past few years.

In fact, the Commerce Department, where the CIAO is located, was already working with the White House to co-locate with the Office of Homeland Security's cybersecurity organization, said John Tritak, director of the CIAO. The CIAO provides outreach and oversight, along with a tool designed to assess infrastructure vulnerabilities and prioritize protection plans.

The CIAO also would bring another important function to the new department, Tritak said. The president's fiscal 2003 homeland security budget request included $20 million to establish an Information Integration Program Office within the CIAO to develop and implement an information architecture to support information sharing and analysis across government.

Only a portion of the FBI's Cyber Division would be moving to the new department under the administration's plan, said Larry Mefford, assistant director of the division. The National Infrastructure Protection Center's (NIPC) multiagency analysis and warning function, which already works closely with the CIAO and other organizations, would be combined in the new division.

However, the NIPC works closely with other parts of the FBI's Cyber Division, and it will be important to figure out how the new department will continue that relationship, Mefford said.

The General Services Administration's Federal Computer Incident Response Center (FedCIRC) also is part of the new division in the White House plan, but so far the agency has received no details about how the center would contribute or how the transfer would take place, a GSA official who asked not to be named told Federal Computer Week.

Earlier this year, the White House considered bringing FedCIRC into the combined cybersecurity center with the CIAO, but the idea was rejected at the time because of infrastructure investments made by FedCIRC to its current offices. That issue must still be considered, the official said.