More growing pains seen at DHS

Computerworld - PALM DESERT, Calif. -- A private-sector group that developed a way to collect and analyze real-time security incident data throughout the U.S. economy may drop plans to work with the Department of Homeland Security (DHS) after the agency botched a high-level executive briefing on the program, according to an internal association memo obtained by Computerworld.
The meeting took place Feb. 27 between three high-level executives from the Cyber Incident Detection and Data Analysis Center (CIDDAC) and a group of senior officials from the DHS, including the agency's chief technology officer. CIDDAC is a Philadelphia-based volunteer partnership of more than a dozen IT vendors, user companies and the FBI's InfraGard program. The purpose of the meeting was to brief the DHS on the status and capabilities of CIDDAC's real-time cyberattack detection sensors.
But when CIDDAC representatives arrived, they were met by what was described in the memo as something akin to a Marx Brothers skit.
After failing to find an available conference room for the briefing, representatives from the DHS Infrastructure Analysis & Infrastructure Protection directorate forced the CIDDAC representatives to give their briefing in a hallway as it was being vacuumed by a cleaning crew. When the CIDDAC officials finished, DHS representatives acknowledged an immediate need for the data but said they didn't have the authority to issue a letter of interest in the program. They also said the program didn't qualify for DHS grant money, according to the association memo.
In an interview, Charles "Buck" Fleming, acting executive director of CIDDAC and CEO of AdminForce LLC in Boulder, Colo., confirmed the events.
"Our recent visit to DHS firmed our conviction that the private sector needs to lead in finding the answers to secure use of the Internet and the development of methods to assess threat levels to our nation's critical infrastructure," said Fleming. "We were there [to show them] that CIDDAC has a program that will give them useful data that is currently unavailable to them. We really don't seek their funding, only a written recognition of their verbal acknowledgment that CIDDAC is on a useful path.
"But the inability to get this small nonbinding recognition of our effort in a timely fashion indicates the wide gulf that needs to be closed before useful, cooperative development can take place," he said.

While an endorsement from the DHS could have helped move the CIDDAC program from testing to full operational status "within months," Fleming suggested that CIDDAC "reject their involvement at the front end ... [and] continue with a total