Homeland Security to direct cybersecurity initiative

The Homeland Security Department will lead President Bush's largely classified governmentwide cybersecurity initiative, an agency official said on Monday morning.

Comment on this article in The Forum.Paul Schneider, deputy secretary of DHS, told attendees of an Information Technology Association of America forum in Washington that DHS will coordinate "the protection of federal networks" that fall within the .gov, .mil and .ic domains. Robert Jamison, undersecretary for national protection and programs at DHS, will direct the effort, and the Defense Department and intelligence agencies will play a supporting role.

Until Monday, the administration had not clarified which agency would take the reins of the 12-part Comprehensive Cybersecurity Initiative, signed into law by President Bush in January 2008.

"We've put in place clear lines of authority," Schneider said. "Cybersecurity is not exclusively a federal responsibility that we can unilaterally impose. The reality is [that] no single person or entity controls the [cyber environment], and therefore there is no single person that can protect it. [But] our first priority is to make sure our house is in order."

Initially, DHS officials will focus on guarding the perimeter of civilian federal computer networks, primarily through the Trusted Internet Connection initiative, which seeks to reduce network access points to fewer than 100. The United States Computer Emergency Readiness Team, or US-CERT, will watch for intrusions using Einstein, an automated system that monitors online activity and collects, correlates, analyzes and shares information. Enhancements to Einstein will help officials prevent breaches rather than merely detect them.

Information US-CERT collects will go to the National Cybersecurity Center, which will establish common security processes and priorities across civilian, defense and intelligence agencies, Schneider said.

The center "will act as the hub for cross domain awareness by agencies that have [cybersecurity] responsibilities," he noted.

He also emphasized that the cyber initiative won't come to a halt once the new administration takes office. Most key players will maintain their roles regardless of the election results, he said.

"The people running programs today will be running the programs on Jan. 21 and Jan. 22," Schneider said, adding that more information about the specifics of the program will be released soon. "This business of transition -- I don't see that as an issue."