DHS : Einstein 2 cyber intrusion detection system deployed
DHS continues to deploy the Einstein 2 cyber intrusion detection system, which is now at 15 federal agencies and four major Internet service providers.
Last year, the system detected over 5.4 million events, demonstrating that DHS has “developed the expertise about how to act in that environment, move forward to protect security and to protect privacy at the same time,” Philip Reitinger, deputy under secretary at the DHS National Protection and Programs Directorate said.
Reitinger said that DHS, along with the Defense Department and the financial services sector have an information sharing pilot project that provides a two-way flow of “actionable information” on cyber threats going between the government and the private sector.
DHS processes the data it gets from the financial sector and then distributes it accordingly, he said. “So we are moving forward on actionable activities that actually add value,” Reitinger said.
It’s more about making sure that the nation is prepared, including the public and private sectors, and has the “capabilities and ability to respond,” he said.
Private sector organizations want timely information about cyber threats and alerts from the Department of Homeland Security (DHS), yet most organizations in the sector say they aren’t getting this help, a Government Accountability Office (GAO) official said.
A recent survey by the GAO of private sector organizations found that 98 percent of respondents say they want actionable and timely threat and alert information to a “great or moderate extent,” but only 27 percent feel they are getting this information to that degree, Greg Wilshusen, director of Information Security Issues at GAO, told the House Homeland Security Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies.
Wilshusen said that DHS is making the effort to provide this cyber threat information to the private sector and has taken steps to improve cyber analysis and warning capabilities but said “more needs to be done.” Until then, “our nation’s cyber security and critical infrastructure will remain vulnerable,” he said.
Reitinger agreed that “there is a long way to go” but pointed out that the department has made “significant strides” in improving its sharing information with the private sector.
Much of the shortcomings here have been due to a lack of staff, he said. At the beginning of FY ’09, the DHS National Cyber Security Division only had 38 people but now it has grown to about 240, Reitinger said.
In FY ’12, if the budget is funded, that number will grow to over 400, he said. “And expanding our people significantly expands our capabilities,” Reitinger said.
Source Defense Daily