DOD considers shielding private networks
The Defense Department is considering deploying the Einstein network protection systems to private-sector networks to protect the nation's critical infrastructure.
As the risk of an attack on the nation's critical infrastructure increases with the rising cyber threat, the Defense Department could take on a bigger role in protecting the computer networks of private industry, according to a top DOD official.
To support such a move, a task force comprising industry and government information technology and defense interests, which deputy defense secretary William Lynn III termed an “enduring security framework,” has been forged to examine issues surrounding critical infrastructure network security.
Related Story
Protecting our critical infrastructure
“In terms of protecting the nation’s security…it’s the vulnerability of certain critical infrastructure – power, transportation, finance,” that is the target of these cybersecurity efforts, Lynn said.
One possibility Lynn discussed, speaking with a small group of reporters at the U.S. Strategic Command Cyber Symposium on May 26 in Omaha, Neb., is the development and deployment of Einstein 2 and 3 for civilian networks. The intrusion detection and prevention systems are being developed by the Homeland Security Department for use on government computer networks.
Einstein 2 is in place in at least 11 of the 21 government agencies that police their own networks the other 89 federal agencies will go through one of four major technology contractors for the Einstein monitoring, according to the Associated Press. Einstein 3 is in a trial phase.
Lynn said that, in theory, participation in the protection would be voluntary and private sector organizations could opt in – though likened the decision to opt out to remaining “in the wild, wild west of unprotected Internet.”
That wild frontier of unprotected Internet is becoming increasingly dangerous, according to Lynn and Air Force Gen. Kevin Chilton, STRATCOM commander.
“The Internet doesn’t respect sovereignty,” Lynn said. “The cyber threat doesn’t track well with the history of traditional military power. We can’t predict where the threat will come from.”
Chilton noted that the increase of cyber crime requires a response cultivated by the cooperation of government and industry, and also international partners. “To be successful in cyberspace we need to be ambidextrous. We need all hands.”
The response to cyber threats is complicated by rules of engagement that are still being negotiated. “Are they right? That’s what we’re examining,” Chilton said.
NEXT STORY: Why agencies can't attract top talent