Senators call on DHS to improve cybersecurity efforts
IDG News Service -
WASHINGTON -- The U.S. Department of Homeland Security needs to develop a recovery plan for widespread attack on the Internet, and it needs stable leadership in cybersecurity, a government investigator told a U.S. Senate subcommittee yesterday.
While the DHS can track Internet threats, it doesn't have an Internet recovery plan or a national cybersecurity threat assessment, said David Powner, director of IT management at the U.S. Government Accountability Office (GAO). The DHS is making progress but more work needs to be done, he told a subcommittee of the Senate Homeland Security and Governmental Affairs Committee.
"Until DHS addresses its many challenges ... it cannot function as a cybersecurity focal point for coordinating federal law and policy," Powner added. "The result is an increased risk, and large portions of our critical infrastructure are unprepared to effectively handle a cybersecurity attack."
Senators echoed Powner's criticisms, first outlined in a GAO report released in May.
"The United States does not currently have a robust ability to detect a coordinated attack on our critical infrastructure, nor does it have a measurable recovery and reconstitution plan for key mechanisms of the Internet and telecommunications system," said Sen. Tom Coburn, an Oklahoma Republican and chairman of the Federal Financial Management, Government Information and International Security Subcommittee.
The DHS is working hard to improve the nation's cybersecurity efforts, said Andy Purdy, acting director of the DHS National Cyber Security Division. Purdy outlined several efforts under way at DHS. A draft of a national infrastructure vulnerability assessment, including a cybersecurity assessment, should be completed within a couple of months, and the DHS Internet Disruption Working Group is working on a plan for Internet recovery after a major attack, he said.
The cyber division is also supporting efforts to push IPv6, a more secure version of the current Internet Protocol, Purdy said. The division is encouraging software vendors to create more secure products, and it plans to renew efforts to work with other agencies and private companies to identify the most significant cyber attack possibilities, he said.
Purdy also noted that DHS Secretary Michael Chertoff announced last week that he would create a new position, an assistant secretary for cyber and telecommunications security. Purdy told senators that a new high-level cybersecurity leader should end high turnover in the cyber division's leadership, and the new assistant secretary will "accelerate" cybersecurity efforts.
"We believe [the GAO report] has provided a fair assessment of the progress to date and agree that while considerable work has been done, much work remains to meet
Reprinted with permission from
Story copyright 2009 International Data Group. All rights reserved.
Security
Additional Resources



White Papers & Webcasts
Share our Strength
Download Now
Lower the Cost and Complexity of a Mobile Workforce through Automation
Download This Resource Now!
Top 10 Things to Know about Data Protection
Download Now
Managing Mobility: Improve Data Security, Compliance and Manageability
Download This Resource Now!
Managing Secure File Transfer to Save Time, Money and IT Resources
Learn how companies are using innovative technology to overcome these challenges and improve user productivity by offloading e-mail attachments and replacing FTP with...
Ponemon Study: The Business Risk of a Lost Laptop
Download Now
Security Convergence Equals Network Security Cost Savings
Listen to IBM Internet Security Systems' take on network security convergence.
Airport Insecurity: The Case of Lost Laptops
Download Now
Disaster Recovery 2008: Reduced Costs and Improved Performance
How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this...
