Amit Yoran, formerly vice president for Managed Security Services at Symantec Corp., will head up the Department of Homeland Security's cyber-security division.
WASHINGTONThe Department of Homeland Security has tapped Amit Yoran, formerly vice president for Managed Security Services at Symantec Corp., to lead the agencys cyber-security division. Yoran, whose appointment will be formally announced tomorrow, will be charged with implementing the Administrations cyber-security strategy.
In another move to fortify the countrys online infrastructure, the department is creating a new national computer emergency response team, to be called the U.S. CERT. The new organization will work closely with the CERT Coordination Center at Carnegie Mellon University in Pittsburgh.
The center is meant to be a central point of data flow into and out of the government for dealing with all things related to information security, especially during large scale events such as the Blaster worm outbreak or widespread attacks. At DHS, the National Cyber Security Division will be responsible for overseeing the US-CERTs operations and communications. In the private sector, the CERT Coordination Center at Carnegie Mellon University will serve as the main partner for DHS. But CERT officials said they are eager to bring in other partners, including the Information Sharing and Analysis Centers, managed security services providers and other organizations that are interested.
"Were hoping this will bring some formal communications to information sharing for the security community," said Jeffrey Carpenter, technical manager of the CERT Coordination Center, in Pittsburgh. "Were building a mechanism to share things more efficiently rather than people randomly calling or sending e-mails to each other."
Carpenter said the group hopes to begin the process of getting the US-CERT up and running during the next few weeks, with an eye toward bringing in some additional partners within a couple of months.
DHS Assistant Secretary Bob Liscouski disclosed plans for the center and Yorans appointment to the National Cyber Security Division this morning at a meeting here with industry representatives. Calling the Carnegie Mellon CERT a "linchpin to the U.S. CERT," Liscouski said close collaboration between the two is intended to reduce the time it takes for the government to respond to computer attacks and vulnerabilities. By the end of 2004, the department plans to improve response times to 30 minutes, he said.
"We never have credibility when the news is reporting things before the government does," Liscouski said.
The department plans to develop open standards for tools to improve threat warning time, Liscouski told industry officials this morning. Noting that government involvement in standards-setting is a thorny issue, he said that the initiative is not meant to result in technology mandates. Instead, DHS will identify best security practices not only within Fortune 500 community, but within the "Fortune 50,000" community.
Additionally, the department will develop training standards to identify elements vital to security programs within an organization, he said.
In addition to improving incident response time, the U.S. CERT will increase coordination between government and industry, reduce vulnerabilities and promote incident prevention. It is not intended to replace other emergency response teams, but to complement them, Liscouski said, adding that FED CERT will become a component of the U.S. CERT.
The National Cyber Security Division aims to work more closely with state and local security organizations and will conduct a series of town meetings toward the end of this year or early next year, said Frank Libutti, under secretary for Information Analysis and Infrastructure Protection at DHS.
Liscouski said he will reveal more details about the departments cyber security initiatives tomorrow when he testifies before the House Homeland Security subcommittee.
(eWEEK Senior Writer Dennis Fisher contributed to this article.)