Rand Beers: making progress on cybersecurity at DHS

From “DHS outlines cybersecurity planning” by Max Cacas on FederalNewsRadio.com:

“On most days, the job of protecting the nation’s cybersecurity is filled with things to do.

“This fall, that ‘to do’ list is about to get bigger.

“The National Cyber Incident Response Plan


“Right now, Rand Beers, the Undersecretary for the National Protection and Programs Directorate with the Department of Homeland Security has a lot on his mind. For one thing, he’s currently overseeing completion of the National Cyber Incident Response Plan — essentially, the playbook for how the federal government will respond to an attack on the nation’s cyber infrastructure, part of what has been called the National Response Framework.

Cyberstorm III

“Beers says also on his to do list: the newest version of a well-known test that will stress the National Cyber Incident Response Plan.

“Secretary Beers also says that for this Cyberstorm exercise, DHS will use the new National Cybersecurity Communications and Integration Center (NCCIC), which he says combines the original US-CERT computer network security program, as well as DHS’s Communications Response Center.

Einstein 3

“Beers also used the occasion of the INSA breakfast to brief the cybersecurity industry reps on the next phase of the Einstein Program. The recently implemented Einstein 2 system is what Beers called an ‘automatic, passive’ cybersecurity system which has so far helped to uncover as many as a quarter of a million cybersecurity ‘intrusions’. Last March, DHS staged its first test of the next and final phase, Einstein 3.

“Beers says Einstein 3 is designed to scan entire packets of data traveling over a network for signs of an intrusion, and, ‘hold outside of the .gov domain those signatures that are deemed to be malicious.’

“Beers briefly discussed the National Strategy for Trusted Identities in Cyberspace, which the DHS is developing with White House Cybersecurity Coordinator Howard Schmidt. He offered no new progress report on the NSTIC, for which the public comment period closed earlier this week.

Cybersecurity Workforce

“He did spend his closing moments discussing an important on-going concern: the need to hire more cybersecurity technical experts, acknowledging Homeland Security Secretary Janet Napolitano’s pledge to hire a thousand new cybersecurity staff, which he characterized as an enormous challenge. Nonetheless, he says, they’re making slow progress.

I played highlights of Mr. Beers’s presentation. You can hear the whole thing through the audio link.