DHS Chief Says Current Defenses 'Insufficient' to Handle Evolving Threats

Homeland Security secretary Michael Chertoff says federal government and industry need to do more

3 Min Read

SAN FRANCISCO -- RSA Conference 2008 -- Michael Chertoff, secretary of the U.S. Department of Homeland Security, is a long way from feeling secure.

In a keynote address and press conference yesterday here, Chertoff discussed the threats faced by government and business, the progress of federal cyber security efforts, and the state of current security technology. And he believes a lot more work needs to be done on all of those fronts.

"What we saw in Estonia last year proves that a single individual can do the same amount of damage that could only be done previously by dropping bombs," Chertoff said. "The threat of cyber attacks is only going to grow more serious as time passes."

There is a real danger that foreign governments, small groups, or even individuals may attempt to harm American infrastructure, not only by attacking government sites as was done in Estonia, but by stealing information or launching denial of service attacks on the country's bedrock institutions, Chertoff said.

"These are the sorts of attacks that could shake global trust in our core systems, such as financial or banking systems," he said. "What if an attacker broke into our air traffic control system, and manipulated it so that we couldn't trust the data we were seeing there? We might have to ground all flights."

Available warning systems, typified by US-CERT, may no longer be sufficient in an era of rapidly-evolving attacks, Chertoff said. "What we need is a quantum leap in detecting and preventing these attacks," he said. "A game-changer."

In January, the federal government introduced the National Cyber Security Initiative, which includes an early warning system for federal systems nicknamed Einstein. But Einstein has been "limited in its effectiveness," partly because it relies primarily on analysis of anomalies that have already occurred, and partly because there are too many possible entry points to monitor.

"We need to reduce the number of access points to federal systems so that there is a finite number of entryways," he said. While there are uncounted ways to access federal systems today via the Internet, the federal government would like to reduce the number of those access points to about 50, he said.

There is real money behind the effort to build out an early warning system and improve federal cyber security, Chertoff noted. The cyber security budget at DHS alone was approximately $115 million, and will increase to $192 million next year. Other agencies will also be increasing their cyber security efforts, he observed, although he conceded that federal agencies have been "uneven" in their approaches to the IT security problem.

"The President has directed that this [cyber security initiative] take place," Chertoff noted. "We've put real money into the process, and we've asked for more. It's going to be hard, but that doesn't mean don't do it."

One of the tricky parts about building a federal cyber security effort is learning to make longer-term investments, Chertoff said. "We tend to be biased in favor of present gain, rather than future loss," he observed. "The largest problem we face in government is that we tend to focus on present, rather than future benefits."

In addition to building up security on government systems, the federal government hopes to work with industry to develop early warning systems and defenses, and even share in the effort to protect consumers, Chertoff said. (See video.)

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

About the Author(s)

Tim Wilson, Editor in Chief, Dark Reading


Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one of the top cyber security journalists in the US in voting among his peers, conducted by the SANS Institute. In 2011 he was named one of the 50 Most Powerful Voices in Security by SYS-CON Media.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights