In interviews with Computerworld, senior officials from the
Information Sharing and Analysis Centers (ISAC) within the IT and
financial services industries said they learned of the new DHS
National Cyber Alert System from media reports that appeared shortly
after the announcement was made yesterday (see story). More important,
the officials said they still have little or no idea what, if any, new
capabilities the alert system offers, what is expected of the ISACs or
how the private sector is supposed to integrate and coordinate with
the DHS on the alerts.
"The government wanted to know how it could get [security information]
to everybody, but it didn't ask us how we could do that," said Pete
Allor, operations director for the IT sector's ISAC. "At least you got
a conference call," he said, referring to the media briefing hosted by
the DHS.
During that briefing, Amit Yoran, director of the DHS's National Cyber
Security Division, told reporters that the new alert system "will
integrate very closely with ISAC functions, [and alerts] will be
provided to the ISACS and in many cases coordinated with the ISACS in
advance." That integration will be made possible by the U.S. Computer
Emergency Readiness Team (US-CERT), he said.
That was news to Suzanne Gorman, chair of the financial services
sector's ISAC, who said she and others were never briefed on what
capabilities the US-CERT operation provides.
"We talk about partnerships, but it would have been really nice if
they had a conversation with us ahead of making this announcement,"
said Gorman. "The way they did this was poor, to say the least."
Yoran, in response to those concerns, said the DHS did in fact conduct
discussions with the various ISACs on what the department could do to
increase awareness -- and he said that level of interaction will
increase as the system matures.
However, Yoran said, the goal of the new system is to give "all users
of cyberspace the information they need to protect themselves." He
noted that the DHS alert system doesn't provide any sector-specific
information. Instead, it offers a national-level view, which "even all
of the ISACS don't cover," he said.
Despite the agency''s characterization of the new system as "a
fundamental building block of the public/private partnership," both
Allor and Gorman said the initiative seems to be geared more toward
home users and the small business community than toward the
medium-size and large companies that make up the bulk of the nation's
critical infrastructure.
>From a critical-infrastructure-protection perspective, "I'm not clear
on how this is going to work," said Gorman. "There seems to be a lot
of duplication of effort.
Allor also questioned the effectiveness of using e-mail alerts to
notify home and small business users of security issues -- a key issue
that the DHS should have discussed with the private sector, he said.
"Who are we trying to alert, for what, and what's the best method to
get to them?" said Allor. It's not clear that e-mail alerts will be as
timely for these users as they are for large enterprise users, he
said.
© 2008; SpywareUninstaller.com Group Project; All Rights Reserved.