Who Will Oversee .Gov Cybersecurity? NSA Says It Doesn't Want The Job
Ever since its creation by an act of Congress in 2002, the Department of Homeland Security has been the lead federal agency responsible for cybersecurity. But after DHS received failing grades from government auditors, some Washington insiders have questioned whether another federal agency — perhaps the shadowy National Security Agency — would be better suited to the task.
On Tuesday, the director of the NSA downplayed reports that the intelligence agency had attempted to wrest control of cybersecurity responsibilities.
"We do not want to run cybersecurity for the U.S. government," Lt. Gen. Keith Alexander (pictured) said at the RSA, an annual information security conference in San Francisco.
Instead, Alexander said, DHS should continue to oversee Internet and computer security for civilian agencies, while the NSA would provide that service for military agencies.
Alexander's remarks come during a 60-day review of the federal government's cybersecurity efforts ordered by President Obama that could end with responsibilities being reshuffled between agencies. Melissa Hathaway, who worked for the director of national intelligence in the Bush administration and is conducting the review, is scheduled to give a public talk on Wednesday.
The announcement of the review led to speculation that the White House's National Security Council or NSA would be handed more cybersecurity responsibilities, along with a larger budget to carry them out. Although the 2002 law creating DHS centralized cybersecurity responsibilities, it has been repeatedly criticized by government auditors who concluded that DHS failed to live up to its responsibilities and may be "unprepared" for emergencies.
On Tuesday, Alexander did note that the NSA "has tremendous technical abilities" and suggested that crisis management might benefit from centralization. "The question is: What happens in a time of crisis? We don't have a way of seeing and sharing networks today in a timely manner."
Much of Alexander's remarks appeared to be a response to Rod Beckstrom, former director of Homeland Security's National Cybersecurity Center, whose resignation letter last month blasted what he described as an NSA power grab that could threaten "our democratic processes." That led some members of Congress -- including the Democratic chairman of the House Homeland Security Committee -- to object to NSA control, which Clinton-era FBI director Louis Freeh echoed a day later.
Other topics of discussion at the RSA conference included cyberattacks by foreign governments and the recent Conficker worm.
On Tuesday, Robert Lentz, chief information assurance officer for the Department of Defense, said the agency is attempting to protect 15,000 networks, 7 million computers and 1.1 billion DoD Internet users worldwide. There are 360 million probes targeted at DoD networks each day, compared to the one million probes an average major U.S. bank gets per month, he said.
"2009 is the tipping point," Lentz said. "The reality is the bad guys are going to be in our networks," and officials have to figure out how to best detect and contain the threats, he said.
High-level officials understand the seriousness of cyber threats and understand that "airplanes can't fly if the network is down," he said. "The biggest challenge is turning geek-speak into things they can understand."
The department has a lot of work to do to change the network protection policy from one based on bolting together disparate security tools to one where protective tools are interoperable and integrated, according to Lentz.
Within the next week or so the agency expects to have an identity assurance strategy that will include biometrics for authenticating identity of network users and identification of devices like routers and switches, he said.
Asked after his talk if he believed reports that Chinese cyber spies had infiltrated the department's network, Lentz said "probably."
CNET's Elinor Mills contributed to this report