Defense, intelligence could take major role in cyber defense

The Bush administration this week could release its ambitious plan to defend government networks from cyberattacks, but recent news reports and a February 2008 budget supplement indicates that the Defense Department and intelligence agencies could lead the effort.

Comment on this article in The Forum.The National Coordination Office for Networking and Information Technology Research and Development, a consortium of more than a dozen federal agencies, asked for a 4 percent increase in funding primarily to improve the operating systems, cryptography and identity management systems that enable networks of national significance to function while under attack, according to a supplement to the Bush administration's fiscal 2009 budget request.

The office will focus on developing technologies needed to support defense and civilian agency networks as well as those key to other national priorities, such as systems that sustain private sector economic competitiveness, according to NCO. The office asked for $279.8 million for fiscal 2009, up 4 percent from $268.7 million in fiscal 2008.

The Bush administration recently indicated that it may announce this week plans to tap the intelligence community's capabilities to defend networks throughout the federal government as part of a classified national cybersecurity initiative. The administration plans to release more information on the initiative's goals, on which few in government have been briefed.

Last week, Sens. Joe Lieberman, I-Conn., chairman of the Committee on Homeland Security and Governmental Affairs, and ranking member Susan Collins, R-Maine,

sent a letter to Michael Chertoff, secretary of the Homeland Security Department, asking for more information about the initiative.

Dale Meyerrose, deputy director and chief information officer for National Intelligence, told Government Executive in March that Mike McConnell, director of National Intelligence, developed the cyber initiative, which is intended to apply the same cyber defense systems found on Defense and intelligence networks to the networks operated by civilian agencies. Meyerrose said the same protection could be extended to the commercial sector.

The cyber defense research effort will mostly be a Defense and intelligence agency effort, according to the National Coordination Office. The Defense Advanced Research Projects Agency, the Office of Naval Research, the National Security Agency and the Air Force Research Laboratory will work to develop software assurance technologies to ensure the viability of critical software, including software used in weapons systems. Last November the Defense Science Board reported that software developed in foreign countries puts federal information systems at risk of being hacked.

Only a few civilian agencies will work with Defense and intelligence agencies on research projects that will help the government defend its networks, according to the office's budget request. Those four agencies, together with the Army Research Office, the National Institute of Standards and Technology, and NASA will develop technologies to bolster computer network defenses and create tools for situational awareness and ways to determine the risk that government networks could be attacked, NCO said.

The National Security Agency and Defense research organizations will design systems to support secure information sharing across multiple networks, platforms and security levels. The 9/11 commission called for a cultural shift to encourage information sharing.

Longer-term priorities, the National Coordination Office said, include establishing a policy-based security management infrastructure for processing, storing and communicating sensitive information and security for emerging network technologies such as mobile, wireless and pervasive computing systems.

Placing the responsibility for a national cybersecurity plan mostly with Defense and intelligence agencies could shut out the Homeland Security Department from any major research role in cyber defense, an indication that the Bush administration might not have full confidence in the department's ability to defend federal networks from cyberattacks, security analysts said.

Philip Coyle, senior adviser with the Center for Defense Information, a security policy research organization in Washington, said the department's absence from much of the cyber research program "says more about [DHS'] lack of ability to articulate a role for themselves than about a lack of need. Combating cyber terrorism is certainly something in which DHS ought to have a role."

Steven Aftergood, director of the Project on Government Secrecy at the Federation of American Scientists, said DHS has a relatively modest cyber research support role, "perhaps reflecting its limited capabilities in this area."