Obama administration partially lifts secrecy on classified cybersecurity project
Move part of bid to be more transparent, White House cybersecurity advisor says at RSA
Computerworld - SAN FRANCISCO -- President Barack Obama's administration has declassified portions of the highly secret multibillion-dollar Comprehensive National Cybersecurity Initiative (CNCI), which was launched by the Bush administration as part of an effort to defend American interests in cyberspace.
As of noon Pacific time today, a document (PDF) providing high-level details of the initiative was posted on the WhiteHouse.gov Web site. Some of the information provided in the five-page document was already known, but there is also fresh material.
For instance, the document shows that the government is working on developing a next-generation intrusion-prevention system called Einstein 3, for civilian departments and agencies of the federal executive branch. Similarly, it shows that the government is developing a cyber-counterintelligence strategy specifically to mitigate threats from overseas adversaries.
The administration's decision to declassify portions of the 12-point program was announced today at the RSA Security Conference by Howard Schmidt, who was recently appointed as White House cybersecurity adviser.
In a keynote address, Schmidt said the government had decided to lift the veil of secrecy that has shrouded the CNCI for the past two years, as part of its commitment to open government and transparency.
Such a move is important for fostering the closer partnership between the private sector and the government that is needed to fight cyberthreats, he said. "Transparency and partnership are concepts that go hand in hand," Schmidt said at the conference.
The government's decision is likely to be welcomed by security experts. Even though the document posted today offered few specific details, it at least provides some insight into where the government will be pouring hundreds of millions of cybersecurity dollars over the next few years.
As previously understood, under the CNCI all civilian federal agencies are consolidating external access points, including those to the Internet, as part of an effort to reduce their exposure to Internet-borne threats. More than 4,300 external connections are being consolidated to about 100. The network will then be monitored by an upgraded version of a federal network intrusion-detection technology called Einstein.
The new version of Einstein, called Einstein 2, will use signature-based sensors to inspect all Internet traffic entering federal systems for malicious content.
The document released today reveals that in addition to Einstein 2, the government is also developing Einstein 3, a network intrusion-prevention system based on technology developed at the National Security Agency. The Department of Homeland Security is currently piloting the technology, which will be used by the U.S. Computer Emergency Response Team (US-CERT) to respond to network intrusions.
Under CNCI, the federal government is also working on developing a strategy for deterring "interference and attack" on U.S. cyberassets. The goal of the effort is to enhance advance-warning capabilities and to develop an effective deterrent response to attacks against federal and critical infrastructure targets.
- Security execs express surprise over CISO's firing following RSA talk
- Security industry faces attacks it cannot stop
- Pennsylvania fires CISO over RSA talk
- Google attacks, Web 2.0 fuel FUD at RSA
- Analysis: Does the storm over cloud security mean opportunity?
- Microsoft's tax-for-hacks 'horrible' idea, say security experts
- FBI Director: Hackers have corrupted valuable data
- CISOs rain on cloud-computing parade at RSA
- FBI embeds cyber-investigators in Ukraine, Estonia
- Tweet this: Social network security is risky business



- Excel 2010 Cheat Sheet
- Register for this Computerworld Insider Cheat Sheet and gain access to hundreds of premium content articles, guides, product reviews and more.
- Streamline Compliance and Increase ROI
- Streamline, simplify, and automate compliance related activities; especially those that impact multiple business units. This white paper from NetIQ, outlines solutions that will...
- Protecting Point of Sale Systems from Targeted Attack
- If you are responsible for protecting retail systems, download this case study to learn how this retailer eliminated the threat of malware on...
- From the Frontline - Preventing APT
- Is your company's network secure? Are your endpoints and servers secured? Before you answer, read this case study on a US Military Command...
- Stop Hackers Before They Attack
- Hacktivism, Identify Theft, Financial Gain, Cyber War - regardless of motivation, stopping today's hackers requires a new proactive approach to protecting endpoints. Learn...
- The four rules of complete web protection
- As an IT manager you've always known the web is a dangerous place. But with infections growing and the demands on your time... All Cybercrime and Hacking White Papers
- WikiLeaks: How am I Affected?
- The latest WikiLeaks episode has raised questions about how organizations and governments protect their sensitive information. While this incident was isolated, it has...
- Optimizing Networks for the Cloud
- Join guest speaker, Rohit Mehra, IDC Director of Enterprise Communications Infrastructure, to explore current trends, discuss best practices for optimizing Data Center and...
- Apps QuickStart Series Part 2: Designing and Deploying SQL Server on VMware vSphere
- Download this webcast to learn about the design considerations for virtualizing SQL workloads, performance and scalability information and high-availability options, as well as...
- Apps QuickStart Series Part 1: Designing and Deploying Exchange 2010 on VMware vSphere
- Download this webcast to learn the virtual hardware design considerations for Exchange 2010, deployment using the building block approach, options for high-availability and...
- Customer Spotlight: How IPC The Hospitalist Company Implemented Oracle on VMware
- Have you been looking to hear about customer's experiences with the new VMware vCenter Site Recovery Manager product? View this webcast to learn... All Cybercrime and Hacking Webcasts
