The Senate Homeland Security and Governmental Affairs Committee approved legislation Wednesday to enhance agencies' ability to protect themselves from cyber attacks.
Statistics from the Department of Veterans Affairs show a significant decline in malware making its way into the department’s networks over the past two months. VA officials credit the government’s approach to “collective” cybersecurity.
Three hearings. Nearly seven hours of testimony. Enough frustration to fill the Potomac River. That was Katherine Archuleta’s week. The director of the Office of Personnel Management had a bullseye on her back as House…
DHS says its program to scan federal networks for cyber threats should be mostly finished by the end of this fiscal year, but it still faces obstacles in implementation of EINSTEIN 3, which seeks to stop cyber attacks before they enter federal networks.
DHS says it found out about the Heartbleed vulnerability at the same time everyone else did. But unlike most other organizations, it had to wade through layers of legal negotiations before it could help federal agencies fix the cyber vulnerability in their own systems.
Suzanne Spaulding, the nominee to be the deputy undersecretary of the National Protection and Programs Directorate, told Senate lawmakers DHS had to reduce the number of federal devices that will be covered by the CDM program because of budget shortfalls.
Brendan Goode, the director of network security deployment in the National Protection and Programs Directorate in DHS, said 15 out of the initial 23 agencies expected to implement Einstein 3 have signed memorandums of agreements with the department. E3A will use both unclassified and classified indicators to understand risks and vulnerabilities of federal networks.
The White House has threatened to veto a House bill providing funding for the Homeland Security Department, taking issue with many of the bill's provisions, including a denial of a civilian pay raise. The committee bill also doesn't include any new funding for the agency's data-center consolidation efforts or construction for its new headquarters.
DHS is in the final stages of deploying version 2 of Einstein across the government, and already is making plans for version 3.
Secretary Janet Napolitano said the Einstein 3 software will be deployed across the government to detect and disrupt malicious cyber activity. Cybersecurity among the hot topics Napolitano highlighted during her State of Homeland Security address.
The National Cybersecurity Protection System is testing software and hardware from the Defense Department and industry to figure out how to expand the Einstein toolset. DHS reports that 13 of 19 major agencies already have installed Einstein 2. The department also is planning to hold an industry day for a classified cyber RFI.
Federal agencies scrambling on DNSSEC implementation
The agency is working with different industry sectors to improve how and the kinds of IT security information that flows in both directions. DHS has a pilot with DoD and financial services companies to exchange threat and malicious activity from their networks. DHS also has installed Einstein 2 software on 12 agency networks to improve how they recognize risks.
Rep. Hal Rogers (R-Ky.) explains why he thinks cutting funding to certain cybersecurity programs might not be such a good idea.