April 2008

Efficacy of Einstein program in question

It may not be an $8,000 toilet seat, but it is hardly getting rave reviews on Capitol Hill.
It is the Einstein program for cyber security, and it prices out at somewhere between $100 million and $200 million.

United Press International reported the Einstein program is the most significant element yet unveiled of the classified multibillion-dollar cybersecurity initiative President Bush signed in February, and it will still leave the U.S. government's IT security lagging the private sector, said lawmakers and industry experts.

It is an intrusion detection system that will automatically monitor and analyze Internet traffic into and out of federal computer networks in real time allowing officials at the Department of Homeland Security to scan for anomalies that might represent hackers or other intruders trying to gain access or steal data.

Officials at the hearing linked Einstein with the White House Office of Management and Budget's Trusted Internet Connections (TIC) initiative. TIC requires all federal departments and agencies to report on all their external network connections, with the aim of reducing the current 4,000 or so across the federal government down to 50 by June.

Einstein will deploy at all those points of access, said Scott Charbo, the Homeland Security official responsible for the program.

Intrusion detection and analysis programs like Einstein "are absolutely standard in the private sector," said Casey Potenzone, chief information officer of computer security firm Uniloc. "It is not revolutionary or state of the art," he added, calling the rollout of the program across federal networks "very logical and something that should have been done a long time ago."

Ken Silva, formerly a senior official with the National Security Agency now in the private sector, told UPI one of the problems that had delayed the policy process was the lack of clear lines of authority.

"Why didn't they do that before? Who would decide to? There was no clear decision-maker in that process," he said, noting the directive signed last month by President Bush had made the National Security Agency "the central authority to oversee security for all government networks."

Silva is chief technology officer of the company that runs the backbone of the U.S. Internet infrastructure, VeriSign Inc.