DOD considers shielding private networks

Deputy defense secretary talks Einstein for private business

As the risk of an attack on the nation's critical infrastructure increases with the rising cyber threat, the Defense Department could take on a bigger role in protecting the computer networks of private industry, according to a top DOD official.

To support such a move, a task force comprising industry and government  information technology and defense interests, which deputy defense secretary William Lynn III termed an “enduring security framework,” has been forged to examine issues surrounding critical infrastructure network security.

Related Story

Protecting our critical infrastructure

“In terms of protecting the nation’s security…it’s the vulnerability of certain critical infrastructure – power, transportation, finance,” that is the target of these cybersecurity efforts, Lynn said.

One possibility Lynn discussed, speaking with a small group of reporters at the U.S. Strategic Command Cyber Symposium on May 26 in Omaha, Neb., is the development and deployment of Einstein 2 and 3 for civilian networks. The intrusion detection and prevention systems are being developed by the Homeland Security Department for use on government computer networks.

Einstein 2 is in place in at least 11 of the 21 government agencies that police their own networks the other 89 federal agencies will go through one of four major technology contractors for the Einstein monitoring, according to the Associated Press. Einstein 3 is in a trial phase.

Lynn said that, in theory, participation in the protection would be voluntary and private sector organizations could opt in – though likened the decision to opt out to remaining “in the wild, wild west of unprotected Internet.”

That wild frontier of unprotected Internet is becoming increasingly dangerous, according to Lynn and Air Force Gen. Kevin Chilton, STRATCOM commander.

“The Internet doesn’t respect sovereignty,” Lynn said. “The cyber threat doesn’t track well with the history of traditional military power. We can’t predict where the threat will come from.”

Chilton noted that the increase of cyber crime requires a response cultivated by the cooperation of government and industry, and also international partners. “To be successful in cyberspace we need to be ambidextrous. We need all hands.”

The response to cyber threats is complicated by rules of engagement that are still being negotiated. “Are they right? That’s what we’re examining,” Chilton said.

About the Author

Amber Corrin is a former staff writer for FCW and Defense Systems.

Reader Comments

Wed, Jun 9, 2010 Mr. Jose Chavez MCB, CAMPEN, CA, SECURITY MANAGER

I served in the United States Marine Corps for 30 YEARS, I have been in IT world now for over 35 years. One major topic that is very important to me is Communication Security, we can secure our systems with the best technology we have to offer but when we fail to acknowledge that we have many civilian and contractors to include retired military personnel that are not educated in proper Comm-SEC, all security devices don't mean nothing, we fail to properly mark and classify information hare in a daily bases, DISA has posted Communication Security, Classification Guides (SCG), that many fail to acknowledge, this is a vulnerability risk for our Critical Infrastructure (CIP), we need hold all personnel accountable that have the need to know that process, plan or engineer any of Defense Systems. This is critical for the protection of our information sharing, this is a weak area that needs attention ASAP, knowing how to process information, particularly when it is a critical accredited systems or network information. High security risk.

Mon, May 31, 2010 E. Smith Washington DC

That is a interesting thought D.W. Please give us some understanding of your method. I actually agree with you on the direction of DOD networks.

Sat, May 29, 2010

So on one hand DoD is putting forth memo's that DoD networks should be more open to internet social services and web 2.0 sites but then they put out an article like this that says that we need to protect commercial internet like DoD with its locked down ports and protocols, DIACAP, Authorities to Operate, prohibitive content & routing filters??? Typical case of the right hand not knowing what the left hand is doing.

Fri, May 28, 2010

This should be interesting. Will DoD tie down the natioanl IT infrastructure with its DIACAP? Will DoD tie down the IT infrastructure with its drawn out acquisition practices? Will DoD tie down down the IT infrastructure with its mundane "approved product list" only products? Solar or wind generated home power systems appear to be an viable alternative!

Thu, May 27, 2010 Robert Yarush Bagram,Afghanistan

I seriously think the governemt needs to take care of their own network security issues before taking on the private sector...

Show All Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above.


WT Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.