Government IT - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Government IT


DHS Progress Proves Elusive



 By: Paul F. Roberts
2005-09-12
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Government IT story.


  Table of Contents:
  1. DHS Progress Proves Elusive
  2. ' Cyber'
  3. ' It Gets Worse '

Rate This Article:
Poor Best
DHS Progress Proves Elusive
( Page 1 of 3 )

The department's failure to address initial cyber-security tasks sparks concern about its ability to protect infrastructure.

In the wake of the Sept. 11, 2001, terrorist attacks, President Bush commissioned a sweeping plan to secure the nations cyber-assets. At the time, the president said it was vital to reduce cyber-threats "before they can be exploited to damage the systems supporting our nations critical infrastructures."

But four years and billions of dollars later, the federal agencies charged with locking down the countrys technology infrastructure still cannot, or will not, detail what concrete steps have been taken toward national cyber-security.

Despite a budget of more than $1.7 billion covering 2004 and 2005, the Information Analysis and Infrastructure Protection Directorate, home to DHS core cyber-security activity, has yet to address a single item among its stated cyber-security responsibilities. That judgment comes not from academics or contractors but from the Government Accountability Office.

The National Cyber-Security Division at DHS called for more clout last December. Click here to read more.

Officials denied eWEEKs requests for itemized budget figures, including salaries and specific program expenses. DHS spokesperson Michelle Petrovich said salaries for nonappointees are private. In addition, much of the budget is classified because it "typically gets into the intelligence realm," Petrovich said.

Resource Library:

Among the initial cyber-duties not yet completed are the development of national cyber-threat and vulnerability assessments and the development of government/industry contingency recovery plans, according to the GAO, which offered an overview of the departments cyber-security challenges in July. The departments failure to accomplish such preliminary tasks after two years is leaving lawmakers increasingly uneasy.

Sen. Joseph Lieberman, D-Conn., the ranking minority member on the Committee on Homeland Security and Governmental Affairs, said he wished more progress had been made over the last year. "I dont expect overnight success, but I do expect visible improvement in DHS ability to protect the cyber-structure that underpins our nations critical infrastructure," Lieberman said.

The tasks of identifying, assessing and analyzing cyber-risks can be amorphous, but a nearly complete absence of measurable goals or quantifiable results has prompted Congress to demand more. Noting that a security plan requires measurable goals and milestones, Sen. Tom Coburn, R-Okla., chairman of the Subcommittee on Federal Financial Management, Government Information and International Security, said, "Vulnerabilities still exist today, only now they are less excusable" than they were two years ago.

"America expects DHS to take every reasonable measure to protect us from terrorism," Coburn said. "I am not convinced that threshold has been met."

The department is hobbled by the massive task of integrating under one roof functions that had been scattered throughout the federal bureaucracy, according to experts. "It was like trying to merge 22 companies," said Bill Hancock, chief security officer of Internet service provider Savvis Communications Corp., of Town & Country, Mo., referring to the 22 government agencies that were folded into the DHS. "The IT problem alone is staggering."

Much of the departments resources and attention have been taken up trying to get its own house in order, Hancock said. "Its a huge organization thats trying to get a grip on its own problems."

Organizational problems stemming from the massive reshuffling were an issue for Amit Yoran, former head of DHS National Cyber Security Division, in his time as the countrys cyber-czar. "The challenge within [the DHS] is the maturity within departments and processes," said Yoran, now president of Yoran Associates, a Reston, Va., consulting company.

Yorans departure raised new—and old—cyber-security concerns. Click here to read more.

For example, conflicts between different financial and accounting systems and controls used within the DHS caused Yorans budget to fluctuate by tens of millions of dollars during the year, making it difficult to do long-term planning. "It made it difficult to get down in the trenches to manage and allocate resources when you have that kind of budget," Yoran said.

The federal cyber-security program has been hampered by persistent management problems, including rapid personnel turnover and organizational instability, according to government overseers. In the last year alone, five high-level officials with oversight responsibilities left the department: the undersecretary for IAIP, the assistant secretary for information protection, the director of the US-CERT (Computer Emergency Readiness Team) Control Systems Security Center, the deputy director of outreach and awareness, and Yoran.

The cyber-security effort also suffered from the absence of a high-level official dedicated solely to the task. Without this position, officials inside and outside government complained, cyber-security was mired in the boondocks of bureaucracy, lacking the necessary clout or access to decision-makers to get things done.

In a departmental reorganization announced in July, DHS Secretary Michael Chertoff created the position of assistant secretary for cyber-security and telecommunications, which has not yet been filled. The restructuring eliminates the IAIP directorate and assigns infrastructure protection and cyber-security responsibilities to two separate offices answering directly to the undersecretary for preparedness, a change experts in industry applaud.

Click here to read more about the recent reorginization.

Still, the DHS faces many of the same challenges as other federal departments when it comes to allocating resources to fight threats, especially cumbersome procurement and hiring procedures that make it impossible to snap up good talent and technology, Yoran said.

Next page: Cyber-security gets bogged down by bureaucracy.





  Reader Comments: DHS Progress Proves Elusive
>>> Be the FIRST to comment on this article!
 


 
 
>>> More Government IT Articles          >>> More By Paul F. Roberts
 


x}r8s;iW1ŋ:dK.kڶ<<ձZ$)CRճ~fMJlWmDf"H$!oowD.]ݴ1r͙M55|``HRcoo>-3 @oR^P ĠxnwݶN`P'~> \?g3UY|R(Ӊh] ]|( Ѽ'eMGQR`J Cw*Nul9 Q19T2/Fӽ|?t[h  5{e_ U'iϏv{P;U{QUh/E@^cBȡ[Ji=5dc7.{ -,v2K*-aGе :9z u v}J@J73ҧ }KH;R@}ky>5I ib1lp:A%$7 .mqS`?Ķh¹p\.*!}=-:ԍ|$ .j.r&"U-m  ҧP2zhNtT/`_eY7;Ͱ-P6M-#QX|} l˙=Y8^p?O?.irtջ\HQPw;@ږVҎ`(:g^Oۗa\b'H H~L0Q\&*Jt2M3QA 1qjW`rM7JqrW-GG%MNR;1,fϷ 3+i3*G,i%[m&m}'l,/aZ4 2vX]1,Uysyڟ;gw:Rڟ+̪ZUoz O{uH4kh`cRV> ߵg/7m2 ᭛O3Rdt&˭~uI X-t[RH }c+?!,_0f k$LJsi)":u P;|sNGGGm҄& 9B:%ϙP/7>hr ^@e)#8?݇IhJq䨉kYSl؅ R揇4@O XZEU>hi"E[ŢˊfoF">y 23yB(pHqb&μbO૦yp1jY]6'tauIUi _Cޡ:ytnMOW^ S3G#вnZKV%cWPvr/*GrKh 2ud8԰1nґ>âxO? utSO|>5և㤞F!|Бdmxq#Z. +ԍEXn`Nt&h Q٭lE%_¤< ) zA;=H:6(Z\?`c VC@B끂9G׿ޚB"Qފѡ4aqj 8=*~3=w}   @lߓ5#~[-[Z6x O͙A }(~~9-WRO^`""D% R h4AEBENNA$?HX-rP.o=!ԑt݁Z.?MfaZ z)2ٜʬ$3Mf X*ȉ#o"0%X Z /jԭeCDӎ*5tBބhd,a戡uy=YI-z'$-L3F0pql)0c}p Iϵ(a6Ê0ӊYsƾ sF@M- ݜZ,'1!&B~aZ&4" 7q9yE"TX!3#Ͱ&q_;G+ooznr&=F9;m9T.MmUPS7˕L<+׬UPM g2)*[h8:[(O7\YYbʁT᧒qH1g0d8V@q=1S7RtZC+>q^i.;[@Oe]Zr{{#Uv/KƠ\>?ur@,ohm_EڠueLGyK-# IHf(XK+ezlxyD62C 7==0\Re迚Ȕm0ʚU9,Wf ()r?-j5 ofsXS:hM>_![!C \|,Y\/+]75&@0mE"}qiNR} Ȳ^z`uޤ 2RX%}T5!QȺ3'Q(JЧɕB K Mqέ!W hPU+ bI4(Nu=(UF+埮򏳀>UF=n3 $h@c4e2f-4_\0-cJD5xⰤ(O ʀ>jxG2c(Ъ6#iB/%e.N1)Q*&v}j;LʲHV)+Y+TRaoaqVZʉF HU-EOM#/ PNkV[C^$G|)>H]tX-UղR?ETAtuU)n?mVPVW`Zd&\%\3Li0)Q빋Q fTCZ/)+iQ/ ~ dwm PG c[,&re&kSH+'|@ CO*lU*JtT$]HX9H(P Yx]!6ps^ar0qq8(-E<92=qhZavOT+*g4A<8&n>C$5@E D@D;n% ?S-Ѝ 8FgMX1BNKE])o:1)il{ݗΛW/xȄyt't{~{}[\;/qAVԸ'^`>,u[ EOo[R͏.F0r`R#(; J@c'$bw}WrzqiZ-a=lF;)^9+ys-d}ֽz'sݖҽN7s5ANnTHcF_!y.FS̠o2XHzz0<㵑a"ATKվ̂q ՜4"^Z ON3bn,*qmjko#$ Z`!_b!bF'<AP{ r H)'4 N%>\b/;H4VB 0F_Th)4zu3xjuo)5O"EG7%'s;{+f[I7s+t,'GD_q+5sz<~\1Z9n|&Br^'18/;=h)OH"Cc.A-6ܾN;&4sJd":A%;6?m[ħ{, /䎑>G=:ds =NP'i&.j7t[b)s,ÌNxsyؠ#%tBU[CT䵴f[YUHO~%b.LyAH0Hv\գaq=DztTvwX̧E~`rFntýԆ+^@)s^EXL2k7x'[gY.t0w/ 8dc޳d=fcT1;.`Y =w>aLHM\gh^PD(Vp+hh*fnM`aEF<.%g-&Mw[GZ]re}K_iW{w$ D=(ޟXwG.z|(=!GzE>sF.Zۿuue'3 CN}i^w7-Uzy J~l/t:D(jE[e[{C9Ȫ̅S{R؋O'G'3~`qx-:?`tH߶lFځ;-3(m3F=߹_3{K=wKx?*AϺ42]awB%>mJˢz%nQhr;T%%e(IQ)"{"F%t`o14m*z>==35"i 1N6;y: :l0̠@ b@ffw\8 9S6@Cid3h l|nwkJbjl <1Qh)q٦h [" a' zYC,g p$|+؊wO_o+N{kE v™+[ G?|ej֚ט&%h3[Q@)C_ƥG/>qĨ'pbx? r`f[h!rt.W>s}}Qbߴmr&kߺS ML0V Y<۵PiYc V9eW&BS_FG:v,&"3ͳ}YWKJJg_ިh0#$_cJQMO}i4[`̋ ;[SEӎ/J ^fu3@HtJ'u3s?NT haJL]_@e3R",P/,81r]+a7iޙ/s .qմ 4 ǜird< P% LZ<:,˰)dЦR]n!1364quVCN܅kg $R%NmƆ 6c*dN(23a'(z"]KIs0"1p&k2)N{ XYf猓}2wh6#|Up~㝦(I$>}NE,1|F1,uSL g&&M̥S6BlC73@dB]*HbY`NOp=Ta"Z!:O>Q+q86)*tj YU$MٖK7`H]r|\4:#JM :{T-62+@8cNH~H‹amj$UۖM_}~dWݗt+:Դ.9"E/,i؋_ 8ƌR#|aWʯ>1 F|::9E:1 r!F4 9IhgGEÿמaUngs* fL\Ӷ1u`ۢ#vt: H#uRŽ:SA"8 ;铨] 7%[lڿ2%&)[j &d#嶤S=H 73f^%UKկ8ڈf6i/i5thA;DU3,O :rVh#t 'aA_pO~ ɔ5IKމ5,W%5IvxoKDG!Wq.`S1O7CW`0fR >@[j5vFBpto@/9wI%1L&`$p{}9oI^B_LWZR21ތ'LD^EPbb|{b>z$5X7%'^;k>Tʖ&f* 5uO(){׼Fu(qW& O8|vdގ | Dk-՜`8'"r^ 3mKMx1Rgqi6E9DI D "aw#į)߄\ , 5^4 <5n7fы0x+]5kl> Xx~ x ޟЃd>:;'${|]ö;1[زۯڴ8bf?\f1\%J~Y˻ΈQ ?ք ەzvF~o 2XA iݖnEH9 ֶV&c (׮^饼Kx{{|A|@aS_M:ZU?HTo~†[rF(gt]nDDK v+ķv4 *,[mۛ]B.6kxd;нLN%?h۾ޟ`+@mCն-0V'Eqrz{ [1+t>ХJY VC}_ߩS-!`D6ꅠd+Ь%5:&BJD:`ɿ7E?┉fae? %3_M5p]ŹDStvMzGttZ;<3do\*Ҷƺ*iuߒ`O26&XAړcYİO{X ђ,#Ћ痨d1b>PCIwũ& fCʸltq"o}/2;֏d`܀()ZWIY -sO ?= Pt4I#$:{m"g?G* O2 3[4K2\0ky:6M`p#o_ߧ#|/,@۽87Κ} O݋2g¤ZZt'O|g'dQ?& <7=LV1x Òs'<ƘKjtVUՒRR,w9[dLo8B鞐ք1x*B 'UٜAGu)1T#j%A5R9}fZ˚bfƆX50VzY3vX5.Vڹ^q)y,y -JS☷3EųOo0޻K{YMV^]CO5XtDgHN7D ]%Ar9t@EP]'ٖ~1~&懵: 3S\YrVfThͬ-j5%Vd]FRl3 K?dChΣ4 ?R)%n%:*DQx+nϪR=@%X=0]LaL_ňVRR>fD9mFA&W1h?ekc |)7gn,՟.g>Ln>VHՔ'?ɺext5ހJ"ڋr[-(i^S:&p I.JAzjc4~܌ Pm̼DGRS}o<kGcb2zZĝ}׀gbِU"a=X *>nde2GP56# p7wO%n.~V };C}m!<8Cs>z(4xh%qX' CRO⺢ 2NY"aK9.!y:q0ra)ňo9fkHג s) [7n{ʑRRHu t083)yҊF2*mM /෽nrnR-i`Ik„0'ld Dps} dlSv8))ĴF#1Cä͈)iTtb˃H01Fnŷ^$l;b21#bH~9ϦSH"+RYR9vqY@y+LB|G(^jJ͍$u~QfvK) '.X`,rJcj_dx?,Gz'aq2?xu:RZ#[]:Nիr P:YU49s!aZ;:ypX;<&).yci 8OyN4xTJ+ K;:B"DILv]a]M,#>0(-ŌCZUѓȤ)t_L=VreU<^ffE={8~BOSz% %uW0`A i2b2t\K)$$ ͈ɵ?ѝXF 9ޒ&9mIistxZѷh+lԝsm}9|9\on;Ba&hLo楾,Ǜ,# r~ݼj3;eFq(M1B*rKx52 /W%Lqx&0̟E~Rv}Y QJoNiBoLLo7[vS+t_6Пxs3oK-fPSdq>r:X)` ѧzIc óbS׾lI]hD&5+ۼv) ))gMfNyʻ9-AS~gρ>9NqY_iVN9?tsʡ+4~//e|W9s_}r{ʡU^^'uןsN_ S~W909{ s#?0~9ׅws?]/rq7M?9{9^}~X_ S}y>>ʁrڿi.s$CP̑ .^N攗 ~)W@__y+%yN賊9+F7_+ɡsTh= Я#ߗdnleܹ9 aqʍz^S_yڞꖽpLڭf]9hq_l %^a/ ^敽 YT+6:7q3[ àh7n9_#1^V+p3lc}p_}{ݼ4?Cg6'[u}Mz`MTB$pF7_a%a/xI6of!/^ ~*[v3:]8d S7 D,D5{sŘЛِ@O,w aլcՙ>YC7ao/aKZ+#p[g;]g3=&L͡; O,K~f)gMԛ3n 4<4 B?-(B:=A|#WN$ .LECzq ;bO!l "eT莃@xWCQQ?gqm`<=Uh "n+8q0/`5ݤq&[ )dwIt͘2%9mĴ`O҆㣭AG=4&FR+MaErj9UZQ8ۈq623Osw^\*[hr]XnB4P{>wpd!mc>m=]wrl#Xnܙ-LI'Հ&;_زv/ vtEu<,cBMo.;$m~{2_ we'G ?[KJLeܿPOv֢=#50uﱟzwF$>}D.I5sEEבE,&JhӄZ{JfBZH>]р]g,]){+1¢_i vnMEܐkτx{p&,vٱC >1uN@U}C 1*G_1r<x^#r/JD/j˦UM$f@gQl)VxNݰ=vRRļ%Kln͕h"E a'@hEa9"WE#g)rT~{J}*P=gZP:] n",}d/+1bNХvHyU[$+#R.ڎOF;o)0JiyRWw(E/nprށMA&{ٱsW9ebV)qdGF-[$@O"C24 ^w؞;Oq^gd% M)W(?_v{[>/``UY<9m<` G.Ε$߁)0u^ozQڃ`'qd|A!b[p@ lL.BLnbbq Y;gf;sM.|B pSQ*Ү^g͜ %SWJP'jTV@8̛ m+~HױI _[0~OY+ʕbA<\n2?>%i#$W @ =(ۉnfTU^X (K" LwCΡpshՆGXox{ [) Iy>p;Щ0TM.vj]nJQXƺa#W®u4mvщ߉n^ QaWO_g~C%97:q0>~05rX)>ٔ%6süѷ`=`Z~]x O!0YdWP Y-f1%yDn$8)}q&ж?g8هl&~&THl{ УT~tBK-^иq= /F"<Ԃ'g"e})ID~y)/̀/(8}E.qeQVs*z/kV? <^U1$o~V;|v>;Iu~nG aW ѸT\œߵ;/+Ϻ,ںqKOg?}~nIQEeiNђuvJ4[tEg0]\}l4'n&_!?ZeUUSq$ᑝ7}M1uc*H9vFًᷞfSزM*d.%r RbڍR<>էr09b֊V&|&wZ2c嵉_ l?j 7