Feds downplay privacy fears on plan to expand monitoring of government networks
DHS, White House officials say 'Cyber Initiative' is needed to better protect federal systems
Computerworld - The U.S. government's de facto CIO and other federal officials today downplayed privacy concerns related to the expanded monitoring of federal networks that is planned under a multiyear initiative ordered by President Bush to boost cybersecurity at agencies.
Testifying at a hearing held by the House Committee on Homeland Security, officials from the White House Office of Management and Budget (OMB) and the Department of Homeland Security (DHS) said that the increased network monitoring is designed only to improve the government's ability to quickly detect and stop attacks against its networks.
The governmentwide monitoring that is being planned isn't very different from the intrusion-detection and -prevention capabilities implemented across many private-sector networks, said Robert Jamison, undersecretary of the National Protection and Programs Directorate within the DHS.
Jamison said the current version of a network monitoring system called Einstein, which is used by some agencies, is far too passive and doesn't provide the real-time threat-detection capabilities that are needed to thwart attacks. By comparison, the new monitoring plan is aimed at enabling network administrators to detect intrusions and other malicious activity as soon as they occur, he added.
The Einstein system is due to be upgraded and deployed at all agencies as part of the new security effort. Jamison said that all data traffic flowing through agency networks will be checked, and that it will be inspected at a deeper level than Einstein is capable of now.
The expanded monitoring plan is a key part of the so-called Cyber Initiative, which was mandated by Bush in a classified directive that he issued in January. The directive calls on multiple agencies, including the National Security Agency (NSA), to work together to improve the security of federal systems, which has routinely been criticized in congressional report cards and in reports issued by the Government Accountability Office.
Jamison defended the need for better network monitoring at today's hearing. "Our adversaries are very adept at hiding their attacks in normal everyday [network] traffic," he said, adding that the only effective way to deal with the security threats is to deploy a governmentwide intrusion-detection system. Such capabilities already exist within a few agencies, Jamison noted. "It's just not consistent," he said. "That is what we are talking about [now]."
But, he promised, privacy considerations will be kept at the forefront. "I can tell you that privacy and civil rights have been a top focus of this," Jamison said. Privacy impact assessments are being done to help government officials understand all the implications of the expanded network monitoring activities, he added.
Karen Evans, who basically serves as federal CIO in her role as administrator of e-government and IT at the OMB, testified that all of the monitoring work will be done in an open fashion. As far as privacy and security is concerned, "we have been doing all of these activities in a very transparent way" under the existing approach, Evans said. She added that controls are being implemented to ensure that the privacy rights of federal workers and other individuals who access e-government systems are protected in the future as well.
- Combating Identity Theft in a Mobile, Social World Offering identity theft protection and remediation allows businesses to give their workforce the confidence to efficiently engage while bringing financial reward to the...
- After a Breach: Managing Identity Theft Effectively This white paper from LifeLock Business Solutions notes that FIs in addition to managing fraud should strive to turn a negative event for...
- Combating Identity Fraud in a Virtual World This slide presentation reveals findings from the Javelin Strategy & Research 2012 Identity Fraud Report about mobile and social trends, the real risks...
- Securing Mobile App Data - Comparing Containers and App Wrappers Analysts agree that Mobile Device Management (MDM) is not enough when it comes to securing app data. Although it remains a critical component...
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- Accelerate your innovation with IBM Bluemix™ Join us for a webcast introducing the new IBM BluemixTM. IBM Bluemix (www.bluemix.net) is a developer oriented Platform as a Service (PaaS) environment... All Privacy White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!