Feds downplay privacy fears on plan to expand monitoring of government networks
DHS, White House officials say 'Cyber Initiative' is needed to better protect federal systems
Computerworld - The U.S. government's de facto CIO and other federal officials today downplayed privacy concerns related to the expanded monitoring of federal networks that is planned under a multiyear initiative ordered by President Bush to boost cybersecurity at agencies.
Testifying at a hearing held by the House Committee on Homeland Security, officials from the White House Office of Management and Budget (OMB) and the Department of Homeland Security (DHS) said that the increased network monitoring is designed only to improve the government's ability to quickly detect and stop attacks against its networks.
The governmentwide monitoring that is being planned isn't very different from the intrusion-detection and -prevention capabilities implemented across many private-sector networks, said Robert Jamison, undersecretary of the National Protection and Programs Directorate within the DHS.
Jamison said the current version of a network monitoring system called Einstein, which is used by some agencies, is far too passive and doesn't provide the real-time threat-detection capabilities that are needed to thwart attacks. By comparison, the new monitoring plan is aimed at enabling network administrators to detect intrusions and other malicious activity as soon as they occur, he added.
The Einstein system is due to be upgraded and deployed at all agencies as part of the new security effort. Jamison said that all data traffic flowing through agency networks will be checked, and that it will be inspected at a deeper level than Einstein is capable of now.
The expanded monitoring plan is a key part of the so-called Cyber Initiative, which was mandated by Bush in a classified directive that he issued in January. The directive calls on multiple agencies, including the National Security Agency (NSA), to work together to improve the security of federal systems, which has routinely been criticized in congressional report cards and in reports issued by the Government Accountability Office.
Jamison defended the need for better network monitoring at today's hearing. "Our adversaries are very adept at hiding their attacks in normal everyday [network] traffic," he said, adding that the only effective way to deal with the security threats is to deploy a governmentwide intrusion-detection system. Such capabilities already exist within a few agencies, Jamison noted. "It's just not consistent," he said. "That is what we are talking about [now]."
But, he promised, privacy considerations will be kept at the forefront. "I can tell you that privacy and civil rights have been a top focus of this," Jamison said. Privacy impact assessments are being done to help government officials understand all the implications of the expanded network monitoring activities, he added.
Karen Evans, who basically serves as federal CIO in her role as administrator of e-government and IT at the OMB, testified that all of the monitoring work will be done in an open fashion. As far as privacy and security is concerned, "we have been doing all of these activities in a very transparent way" under the existing approach, Evans said. She added that controls are being implemented to ensure that the privacy rights of federal workers and other individuals who access e-government systems are protected in the future as well.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Is Your Big Data Solution Production-Ready? Read "Is Your Big Data Solution Production-Ready?" now, and discover best practices and actionable steps to implementing a production-ready big data solution.
- Pay-as-you-Grow Data Protection: IBM Tivoli's Full-featured Data Protection Suite for Small to Medium Businesses IBM Tivoli Storage Manager Suite for Unified Recovery gives small and medium businesses the opportunity to start out with only the individual solutions...
- Streamline Data Protection with IBM Tivoli Storage Manager Operations Center IBM Tivoli Storage Manager (TSM) has been an industry-standard data protection solution for two decades. But, where most competitors focus exclusively on Backup...
- Simplify and Consolidate Data Protection for Better Business Results Learn about IBM® Tivoli® Storage Manager Operations Center, which provides advanced visualization, built-in analytics and integrated workflow automation features that leapfrog traditional backup...
- Webinar: Building a Big Data solution that's production-ready Big data solutions are no longer just a nice-to-have.
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well... All Endpoint Security White Papers | Webcasts