US government publishes parts of its cyber security directive
The US government has lifted the veil on the confidential cyber security directive issued by former US president George W. Bush in January 2008. The White House homepage now offers a 5 page document that summarises the Comprehensive National Cybersecurity Initiative (CNCI) for improving the network security of US federal institutions. The White House said that the summary was released in accordance with US president Obama’s declared intent to make transparency a touchstone of his presidency, and to improve public understanding of the US government's efforts.
George W. Bush's NSPD-54 directive replaced earlier instructions issued by former president Bill Clinton in 1998. The directive instructed the US Department of Homeland Security (DHS) and other US authorities to develop a program for mapping the US IT infrastructure and sorting it according to vulnerability. The current document lists twelve initiatives designed to detect potential threats early enough to counteract them.
Howard A. Schmidt, who has been the US government's new National Cybersecurity Coordinator since December 2009, said at the RSA conference in San Francisco this week that the CNCI was published to illustrate that the US government offers a sound foundation for improving the protection of the US infrastructure against attacks. However, US media report that not all parts of the strategy have been published, and that the part which deals with the US government's position on offensive "cyber warfare" has been omitted. Civil rights activists of the Electronic Privacy Information Center (EPIC) welcomed the publication, but demanded that the complete CNCI be made available.
One of the measures detailed in the published document is the Trusted Internet Connections (TIC) initiative, which is designed to manage the US authorities' federal network infrastructure as a single network enterprise and consolidate external access points, including those to the internet. Program Einstein 2 involves the deployment of signature-based sensors designed to detect unauthorised access to the federal network and inform the US-CERT accordingly. The document also mentions an extension to this program, Einstein 3, which is said to be suitable for counteracting attacks and preventing consequences, such as data theft.
Another initiative is to coordinate the various research and development projects for improving cyber security, eliminate redundancies, and identify research gaps. A similar role is played by the National Cybersecurity Center within the DHS. This agency is to foster coordination and information exchange among the agencies involved in protecting the federal infrastructure. A government-wide "counter-intelligence plan" is to be developed and implemented to deter cyber intelligence threats to US and private sector information systems.