US govt cyber division is 'heartbeat of the agency'

A principal adviser to the head of the US Department of Homeland Security's National Cyber Security Division (NCSD) said its...

A principal adviser to the head of the US Department of Homeland Security's National Cyber Security Division (NCSD) said its division and its industry outreach programme remain key players at the DHS.

Speaking at the Digital Security Conference, Sallie McDonald, the DHS's senior executive responsible for outreach and awareness efforts, said that the NCSD "is properly placed within the department" and has been described as part of the "heartbeat of the agency". 

McDonald's comments follow recurring criticism from experts and former administration officials who fear that the existing cybersecurity leadership has been buried too deep within the DHS bureacracy to be effective.

Critics fear the agency may have lost some of its influence with the departure this year of Richard Clarke, the former chairman of the President's Critical Infrastructure Protection Board and the nation's first de facto cybersecurity tsar. 

A spokesman for the DHS said Amit Yoran, former vice-president of managed security services operations for Symantec, will take the helm at the NCSD.

McDonald said the NCSD is now focused on reducing vulnerabilities throughout the nation's critical infrastructures, establishing a national response centre at the newly formed US-Cert, and developing a cybersecurity outreach programme targeting small businesses and home users as well as large companies. 

The NCSD is also taking the lead on a cybersituation awareness project that can conduct near-real-time analysis of incident data nationwide, said McDonald. The division is already working with SRI International, Symantec and Computer Associates International to develop an automated capability which would enable data to be shared immediately with various private sector-run information sharing and analysis centres.

The research and development effort includes plans to build a non-proprietary system that would allow any organisation in the nation, regardless of IT infrastructure, to feed data into the incident analysis system. 

"We will be deploying this in the federal sector, starting at the US-Cert first, so we can see in real time what is happening across the nation," McDonald said. 

She also hinted at a series of "big announcements" the DHS may make in the next few months regarding its work with internet service providers on possibly offering users free firewalls.

That move would be part of an effort to simplify the security procedures for small businesses without a large IT department. 

Dan Verton writes for Computerworld


Read more on IT risk management