If approved, the proposed Department of Homeland Security would radically alter the shape of the federal governments information security response and detection apparatus.
The new department would absorb five separate security-related entities from across the government, including the FBIs National Infrastructure Protection Center and the General Services Administrations Federal Computer Incident Response Center. In total, the Information Analysis and Infrastructure Protection section of the new department would comprise 976 people with an annual budget of $364 million, according to President Bushs proposal.
While Congressional approval of the Department of Homeland Security is by no means a sure thing, the effort to unify many of the governments information security assets is a step toward addressing many of the criticisms that security professionals have had about the agencies in recent years. However, without the proper funding and authority to share information, the effort may be futile, experts say.
"There is some benefit to be had in setting up information sharing and developing ways to do it across all groups and identifying threats, particularly cyber-crime and cyber-terrorism threats," said William Harrod, director of investigative response at TruSecure Corp., in Herndon, Va., and a former forensic computer specialist with the FBI. "But the question is, is there appropriate funding and a political mandate to make it really effective?"
In addition to the NIPC and FCIRC, the new department would also subsume the Critical Infrastructure Assurance Office at the Department of Commerce, the National Communications System at Defense and the Department of Energys National Infrastructure Simulation and Analysis Center, as well as taking some personnel from the Secret Service. Harrod points out that it will be a big change for the people involved to begin sharing such sensitive information and to rely on people in other agencies for help.
"Its a matter of changing boundaries and being able to take the analysis and correlation of information and turn it over to someone else," he said. "Eliminating barriers to sharing information is a positive thing, but other barriers will be created. That and funding will be the devil in the details on this thing."
The NIPC in particular has been hamstrung by its inability to share sensitive information regarding criminal investigations with security experts in the private sector who have the skills, if not the clearance, to help. Harrod said he and TruSecure have offered to work with the NIPC, but the bureau has yet to take them up on it.
- Zeroing In on Homeland Security Plan
- IT Groups Plan for Cyber-Security