Feds plan cybersecurity center
The White House is denying it's looking to monitor data as part of the president's National Plan for Protecting Cyberspace.
Computerworld - Washington
As the White House last week began putting the final touches on its long-awaited National Plan for Protecting Cyberspace, administration officials took issue with a press report that suggested the plan would include provisions to expand the government's data collection and surveillance.
The plan, which is scheduled to be released Sept. 18 during a ceremony at Stanford University, does include a provision to build a cybersecurity network operations center. However, a published report suggesting that the NOC would collect and examine e-mail and data traffic from major Internet service providers and other private-sector companies is misleading and inaccurate, said Tiffany Olson, an assistant to Richard Clarke, chairman of the President's Critical Infrastructure Protection Board and the principal force behind the strategy.
Olson said the published report is necessarily inaccurate because the plan hasn't even been finished.
"There were many initial drafts, and many organizations provided input," she said. "But we've just started to finalize it this week."
The concept of developing a federal NOC is definitely in the strategy, but not with the aim of gathering e-mail data or expanding government surveillance, Olson said. Rather, the federal NOC would be modeled after the Bethesda, Md.-based SANS Institute's Incidents.org Web site and Internet Storm Center, a virtual organization of advanced intrusion-detection analysts, forensics experts and incident handlers from across the globe.
Howard Schmidt, co-chairman of the Critical Infrastructure Protection Board, told Computerworld last week that the plan is to simply ask for greater voluntary data sharing on matters such as viruses and worms. He also stressed that establishing a central NOC isn't part of a plan to increase the government's surveillance of private data.
Schmidt said the need for a central government NOC stems from the lack of a single collection point where government security can be analyzed. This central NOC would collect data from other government NOCs, such as the FBI's National Infrastructure Protection Center and the Pentagon's Joint Task Force for Computer Network Defense.
These NOCs, in turn, would function in a fashion similar to the private sector's Information Sharing and Analysis Centers (ISAC)alliances formed within vertical industries to improve information sharing about security vulnerabilities and threats.
The SANS Storm Center uses advanced data correlation and visualization techniques to analyze data collected from more than 3,000 firewalls and intrusion-detection systems in more than 60 countries. "We're hoping the [ISACs] one day establish their own independent Storm Center network," said Alan Paller, director of the SANS Institute.
And that may be much easier to do now that Redwood City, Calif.-based Check Point Software Technologies Ltd., which operates more than 63% of all firewalls worldwide, is adding a Storm Center client in every one of its 260,000 gateways, said Paller. "That means anyone who wants to set up a Storm Center network can just tell their members to turn on the client and point it to their network node," he said.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
Changing the Way Government Works: Four Technology Trends that Drive Down Costs and Increase Productivity
This paper discusses four technology-based approaches to improving processes and increasing
productivity while driving down department and agency costs.
- Pay-as-you-Grow Data Protection: IBM Tivoli's Full-featured Data Protection Suite for Small to Medium Businesses IBM Tivoli Storage Manager Suite for Unified Recovery gives small and medium businesses the opportunity to start out with only the individual solutions...
- Streamline Data Protection with IBM Tivoli Storage Manager Operations Center IBM Tivoli Storage Manager (TSM) has been an industry-standard data protection solution for two decades. But, where most competitors focus exclusively on Backup...
- Simplify and Consolidate Data Protection for Better Business Results Learn about IBM® Tivoli® Storage Manager Operations Center, which provides advanced visualization, built-in analytics and integrated workflow automation features that leapfrog traditional backup...
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,... All Gov't Legislation/Regulation White Papers | Webcasts