I was just reading on CNN this morning where Homeland Security Secretary Michael Chertoff mentioned to a group of people that his agency was looking to setup some kind of alert system to protect sensitive government applications. This alert system in his mind would somehow alert them that someone was trying to compromise a government entity maliciously over the Internet. I couldn’t help but just laugh when I read this. It would be some sort of “early warning system” of sorts.
The reason I laughed when I read this is probably because it’s likely not ever going to happen. If the private sector hasn’t been able to devise a system like this yet how is the Government going to do it? I don’t mean this as a slam to the Government in any way, I am just saying…
Today there are post-warning systems that you can put in place to let you know when you have been hacked or suspicious activity is going on but nothing really to let you know an attack is about to happen, think about the dynamics of this. Again, I am not knocking the Government or Secretary Chertoff but he obviously isn’t informed on this matter in my opinion. With that being said, there are certainly things you can do to “harden” your environment and applications, plenty of private sector firms competing for that piece of the market trust me.
In the same speech he did bring out a few things that I agree with:
A well-targeted attack could cripple financial institutions or air traffic control systems or expose U.S. secrets to enemies.
Chertoff said there are too many openings into government networks for criminals to explore and exploit with viruses or other malicious code.
One of the homeland security department’s goals is to winnow the number of Internet access points into government agencies from the thousands that exist today to about 50, Chertoff said. He gave no timetable or details on how the plan would be implemented.
Chertoff’s speech focused heavily on his pitch to recruit private-industry security researchers as the government beefs up its cybersecurity staffing. The government needs to recruit from private industry because many critical networks are operated by private companies and they need each others’ expertise, he said.
He did not say how many new cybersecurity jobs the agency wants to fill with private-industry professionals, but he said the initiative is a high priority because the power of the government alone is “insufficient” to fully combat the threat.
Source: Chertoff wants early warning system for infrastructure attacks – CNN.com
Questions or Comments?