When HLSWatch asked DHS Secretary Chertoff during yesterday’s meeting about his intentions for the forthcoming Cyber Initiative, which will orchestrate a cross-agency, several hundred-million-dollar, effort to combat and defend against cyberterrorism, he laid out a three part plan:
1. DHS applies a computer program called EINSTEIN
2. The US-CERT is up and running
3. Security patches to protect against cyber threats will be shared with the private sector
1. EINSTEIN is computer program that detects attacks on federal computer networks and assembles data on how to defend against them. Its been in place selectively for a few years, but now its mandatory.
2. US-CERT, the United States Computer Emergency Readiness Team was established in 2003 to support DHS cooperation with â€œthe public and private sectorsâ€ in defense against and responses to cyber attacks. Think of US-CERT as the enforcement guys who make sure that measures are taken to defend against cyber attacks. Apparently they have more authority under the Initiative.
3. Work with the private sector to share information about cyber threats has been underway since before 9/11 through the Information Sharing and Analysis Centers, each dedicated to a specific industry. (The Financial Services ISAC was formed in late 1999 and the IT-ISAC was established in late 2000).
The Chem ISAC and Oil&Gas ISACs came in 2001 and left in 2005.
So whatâ€™s new? Its classified, actually. Weâ€™ll see what the transcript says, but it sounds like the article by Ellen Nakashima in the Post is as close as weâ€™re going to get for now to shedding light on the Cyber Initiative.
More available here.