Risk
2/2/2010
03:05 PM
50%
50%

Homeland Security Plans Cybersecurity, Data Center Investments

Other big-ticket tech projects in the department's fiscal 2011 plans include advanced imaging for airport security and upgrades to the E-verify system for employee verification.

The Department of Homeland Security is looking to invest nearly $900 million in fiscal 2011 on technology projects that include bolstering cyber security and continued work on a data center consolidation project that's already underway.

Other IT priorities listed as part of the department's proposed $56.3 billion budget, unveiled Monday, include improvements to an existing Internet-based verification program that lets employers check that someone is legally allowed to work in the United States and technology for airport security.

Overall, DHS said that protecting the United States against terrorism and other threats and promoting fiscal responsibility and efficiency within the department are its top priorities for fiscal 2011 funding.

DHS is asking for $379 million to go to its National Cyber Security Division (NCSD) to develop capabilities for preventing and responding to cyber attacks. The department plans to use the money to identify and reduce vulnerabilities within both its .gov and .com Internet domains, officials said on a conference call.

NCSD is a division within DHS that's meant to work collaboratively with public, private, and international organizations to secure cyberspace and the U.S. government's cyber infrastructure. At the same time that it's investing in cybersecurity, the Obama administration has made several key appointments to oversee such efforts, including cybersecurity coordinator Howard Schmidt. (See "U.S. Cybersecurity Team Takes Shape.")

Homeland Security is requesting $192.2 million in its FY 2011 budget to continue migrating applications and systems from 24 data centers to two enterprise-wide data centers. The project was started after its inspector general, in 2005, reported deficiencies in the department's IT disaster-recovery planning.

As part of the budget's focus on enforcing immigration laws, DHS wants to bolster its E-verify program with $103.4 million for planned improvements. E-verify is an online system that can be used by employers to compare a potential employee's legal-work-status information with more than 444 million records in the Social Security Administration database and more than 60 million records in Department of Homeland Security immigration databases.

DHS also plans to spend $214.7 million to procure and install 500 advanced imaging machines at airport checkpoints to detect dangerous materials, according to the proposed 2011 budget.

InformationWeek has published a look at the technical and political ramifications of Google's problems in China. Download the report here (registration required).

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Latest Comment: nice one
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-1235
Published: 2015-04-19
The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in the HTML parser in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy via a crafted HTML document with an IFRAME element.

CVE-2015-1236
Published: 2015-04-19
The MediaElementAudioSourceNode::process function in modules/webaudio/MediaElementAudioSourceNode.cpp in the Web Audio API implementation in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origin Policy and obtain sensitive audio sample values via a cr...

CVE-2015-1237
Published: 2015-04-19
Use-after-free vulnerability in the RenderFrameImpl::OnMessageReceived function in content/renderer/render_frame_impl.cc in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger renderer IPC messages ...

CVE-2015-1238
Published: 2015-04-19
Skia, as used in Google Chrome before 42.0.2311.90, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors.

CVE-2015-1240
Published: 2015-04-19
gpu/blink/webgraphicscontext3d_impl.cc in the WebGL implementation in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WebGL program that triggers a state inconsistency.

Dark Reading Radio
Archived Dark Reading Radio
Join security and risk expert John Pironti and Dark Reading Editor-in-Chief Tim Wilson for a live online discussion of the sea-changing shift in security strategy and the many ways it is affecting IT and business.