The Obama Administration is pushing ahead with a series of cybersecurity initiatives to protect critical national infrastructure from attack. At the heart of the process are a series of steps designed to improve how government networks detect and deter intruders, report incidents and work with local and international law enforcement to imprison cyber criminals.
Michael Daniel, special assistant to the president and White House cybersecurity coordinator, explained White House priorities for cybersecurity today at the INSA Cyber Innovation Symposium in Washington, DC. They include: securing federal networks, protecting critical infrastrucure, cyber reporting and response, cyber intelligence, and international engagement.
Daniel also said the government has made progress in securing its networks. To help improve security at the agency level, the administration is launching the Einstein 3 Accelerated (E3A) program for civilian government organizations through the Department of Homeland Security. It is a detection system designed to sniff out more sophisticated network intrusions, allow real time or near-real time analysis by the U.S. Computer Emergency Readiness Team and inform administrators who and what is on the network, Daniel said.
For cyber intelligence, the administration is working on ways to explain the importance of an incident to non-technical personnel. On the agency side, Daniel noted that there is improved cooperation between federal organization.
“Things that took prodding now just happen,” he said.
Daniel also addressed enhancing critical infrastructure in cyberspace, a complex issue because most of it is owned and run by the commercial sector.
One initiative now underway is the Cybersecurity Capability Maturity Model, which allows infrastructure owners and operators assess their cybersecurity capabilities. There is a pilot program underway with the electrical utility subsector. The model provides companies with a set of questions about their cybersecurity, what steps they are taking and what resources they can apply to enhance their security.
A version of the model is available at the Department of Energy’s web site, Daniel said. He noted that the electrical utility sector is encouraging other companies and organizations to participate in the effort.
Improved cyber incident reporting and response is another area that the Obama Administration is working on, Daniel said. Despite improved security, he added that the nation will continue to experience cyber attacks. The goal of the cyber reporting and response effort is to develop better ways to identify and react to cyber incidents.
A recent national level cybersecurity exercise highlighted the need for network security groups to actively share information and identifying critical information networks. DHS is collecting lessons learned from the exercise into a set of recommendations for federal cyberspace groups to follow, he said.
There has also been considerable success in the area of international engagement, Daniel said. He noted that the Internet is global and to effectively deal with cross-border criminal and security challenges, the United States must work with other nations, which requires diplomacy. The administration is working with other nations to develop international policies for cybersecurity, he said.
One recent success on the international level has been a partnership between law enforcement organizations, foreign governments and private sector companies to identify and shut down botnets, he said.
In the long term, Daniels said that the government is working with educational organizations at the national, state and local levels to provide high quality training to produce the next generation of cybersecurity professionals.