Talking about Cybersecurity

We've talked a lot about cybersecurity on the blog, particularly last October during National Cybersecurity Awareness Month. The threats to our cyber networks and infrastructure (read: computers) are relevant for everyone - whether you're writing an email, checking your bank account online, helping your child sign up for a Facebook account, or reading this blog. The Department is charged with protecting the .gov domain and works closely with our private sector partners to defend the .com domain from all cyber terrorism and criminal threats - and we need your help.

The Secretary just launched the DHS National Cybersecurity Awareness Campaign Challenge, a call to individual citizens, stakeholders and the brightest in the business alike, asking for ideas to help promote public awareness about cybersecurity and cyber literacy. Proposals must be submitted by April 30 via www.dhs.gov/cyberchallenge, and winners will collaborate with the Department to develop and launch the National Cybersecurity Awareness Campaign. The Secretary announced the challenge at RSA conference in San Francisco, a gathering designed to offer "information security professionals around the world an unparalleled opportunity for networking and knowledge-sharing."

“All Americans have an important role to play in securing our computer systems and cyber networks,” said Secretary Napolitano. “We are challenging our nation’s best and brightest to utilize their expertise and creativity to devise new ways to engage the public in the shared responsibility of safeguarding our cyber resources and information.”

Check out all the challenge details and rules at www.dhs.gov/cyberchallenge, and start working on your idea.

Welcoming the New Cybersecurity Coordinator

By now you may have seen the announcement that the President has selected Howard Schmidt as the Cybersecurity Coordinator. I said on more than one occasion that it was important to get the right person, and we at DHS will be honored to work with Howard and under the leadership he will bring to the issue of cybersecurity. Howard has been involved in cybersecurity for many years, and I first met him when I was a cyber crime prosecutor with the US Department of Justice and he was a special agent with the Air Force Office of Special Investigations in the 1990s. He built his own computers even then, and I’ll bet he still does.

Howard has demonstrated the ability to work across government regardless of party, and across industry, for many years. He helped establish the Information Technology – Information Sharing and Analysis Center, served on the President’s Critical Infrastructure Protection Board , has held key security positions in several private sector companies, has personally investigated cases and until recently continued to serve as an agent in a reserve capacity for the Army Criminal Investigations Division. It is hard to find someone in the cybersecurity community with whom Howard has not worked.

I and we look forward to continuing to work with Howard and his great team at the White House.

Phil

Phil Reitinger is the Deputy Under Secretary of the National Protection and Programs Directorate and Director of the National Cybersecurity Center

N-Kick

The lines between communications technology and information technology (IT) are getting blurrier every day. Chances are that the cell phone you carry around can do a lot more than just make a phone call. It almost certainly has the capability to send a text message; it probably surfs the web; and it can likely pinpoint your location via GPS to get you to the nearest Starbucks.

So as various communications and information technologies become more interdependent, so too does the infrastructure that supports those technologies. Telecommunications networks, cell phone towers, and control centers are just some of the cyber assets that are becoming more and more interwoven everyday.

It’s DHS’ responsibility to coordinate with the private sector, which in large part owns and operates these increasingly seamless networks and systems. We took a big step today toward making sure that we can fulfill our role of being a good partner in the event of a disaster – be it natural or manmade.

This morning, Secretary Napolitano cut the ribbon on the National Cybersecurity & Communications Integration Center (NCCIC). The NCCIC (which we say N-Kick) is a new 24-hour watch and warning center that consolidates many of the Department’s cyber and communications operations centers that respond to emergency incidents.

The NCCIC co-locates the missions and functions of several of the Department’s most important cybersecurity facilities, such as the United States Computer Emergency Readiness Team (US-CERT), the National Coordinating Center (NCC) and the National Cybersecurity Center (NCSC) – and ultimately our private sector partners. This groundbreaking center is the result of collaboration of a Joint Industry-Government Tiger Team, the National Security Telecommunications Advisory Committee, and the Government Accountability Office.

The result is one solution: a unified operations center. The NCCIC will help the department detect, prevent, respond, and mitigate disruptions of voice and cyber communications technologies.

That cell phone relies on more technology and networking than ever before. We’re working every day to keep it safe.

To learn more about the DHS’s cybersecurity efforts, visit www.dhs.gov/cyber.

News and Events Roundup- October 22nd

From Federal Computer Week, about Secretary Napolitano’s speech on Cybersecurity Month:

Homeland Security Secretary Janet Napolitano has gone online to urge private persons to help bolster the country's cybersecurity.

During a speech broadcast on the Homeland Security Department's Web site Oct. 20, Napolitano described computer security as a major scientific and technical challenge with great economic and national security implications. She said everyday people - not just the government - share the responsibility for cybersecurity.

"It's an opportunity for you as an individual to personally to contribute to our national security," Napolitano said. "Securing your home computer helps you and your family - it also helps your nation in some very important ways."

Napolitano said people should:

Install and activate firewalls for their computers and Internet connection.

Ensure that anti-virus and anti-spyware is installed and up-to-date.

Check computer settings to make sure operating systems and applications are automatically patched.

Avoid suspect Web sites, downloading suspicious documents or attachments, or opening e-mail messages from unknown persons.

Perform regular back ups.

Use strong passwords.

Educate children.

From the Washington Times, on the H1N1 vaccine:

Secretary of Homeland Security Janet Napolitano on Wednesday morning acknowledged a delay in the distribution of H1N1 vaccine but said the program should be back on schedule around December.

The Centers for Disease Control and Prevention (CDC) wanted to have 40 million doses shipped by the end of October, but will have roughly 28 million to 30 million.

Ms. Napolitano told CNN before testifying on Capitol Hill that the problem was a manufacturing delay, not a shortage.

"There will be a vaccine for everybody who wants it," she said.

From SC Magazine, on Philip Reitinger's attendance at the RSA Conference in England:

International collaboration and recruitment of experienced people is needed to win the battle against cybercrime.

Speaking at the RSA Conference Europe, the US department of homeland security(DHS) deputy undersecretary of the national protection and programs directorate Philip Reitinger, claimed that the right people are working on battling cybercrime but it needs to be vastly increased.

Reitinger said: “We need developers who work through university who learn to write code. We need to have ethically sound people, people who have a mind for the criminal, make sure that people are used to people's business but have to have the public's interest at heart.

“They need to have a blackhat perspective, and need to do threat modelling. Understanding weaknesses to do a good job of security systems. I think we are trying to invest in the right way.”

From KXO-AM El Centro, CA,on a drug seizure at the Andrade port of entry:

More than 29 pounds of cocaine worth nearly $1 million was seized Tuesday night at the Andrade port of entry.

A drug detection dog assigned to the Yuma Sector Border Patrol alerted to a California registered SUV as it attempted to enter the United States from Mexico at the Andrade port of entry. Further inspection of the vehicle led to the discovery of a compartment below the floorboards. 29.7 pounds of cocaine was found found hidden in the compartment. The vehicle , drugs and 26-year old woman driver of the SUV were all turned over to the Immigration and Customs Enforcement office.

Public Events
10 AM EDT
U.S. Immigration and Customs Enforcement Office of Investigations Deputy Assistant Director Janice Ayala and U.S. Customs and Border Protection Cargo and Conveyance Security Executive Director Todd Owen will testify about cargo threats at land ports of entry before the House Committee on Homeland Security Subcommittee on Border, Maritime and Global Counterterrorism
311 Cannon House Office Building
Washington, D.C.

GFIRST

We’re taking a moment today to feature an important conference coming up at the end of the month. Yes, there are a lot of government conferences every year, and truthfully, we don’t spend a lot of time highlighting them. This blog wouldn’t be a blog anymore if we did; it would be a…well I don’t know, it would just be someplace where conferences are posted. The GFIRST National Conference, however, stands out as one we want to get on the radar for folks outside of the general government conference circuit.

GFIRST focuses on cybersecurity, and brings together dedicated professionals to participate in information-sharing groups, learn about the latest trends and preemptive measures, and listen to expert speakers discuss the latest in cybersecurity news. GFIRST organizers and speakers will use five pillars to communicate the conference’s message. They are:

• Threat
• Vulnerability
• Attack & Detection
• Mitigation
• Reflection

Click here to learn more about how these five pillars guide the discussion on cybersecurity. If you’re a cybersecurity professional, think about coming to the GFIRST conference – you can register onsite. The 5th Annual GFIRST National Conference takes place in Atlanta, Georgia this year from August 23rd-28th, and is hosted by US-CERT, the United States Computer Emergency Readiness Team. US-CERT is a partnership between DHS and the public and private sectors, and charged with protecting the nation's Internet infrastructure by coordinating defense against and response to cyber attacks.

The conference will have nearly 100 sessions with six seminar tracks, based on the GFIRST5 pillars, plus one more: Computer Hacking and Intellectual Property (CHIP). This is the third consecutive year that the GFIRST Conference will serve as a venue for the Justice Department’s CHIP to hold its Coordinators’ Conference.

Senior cybersecurity officials from DHS and the private sector will speak at the conference, including: Philip Reitinger, Deputy Undersecretary of the National Protection and Programs Directorate and Director of the National Cybersecurity Center, and Greg Schaffer, Assistant Secretary of the Office of Cybersecurity and Communications. Dave DeWalt, President and Chief Executive Officer of McAfee, Inc. will also address the conference.

For more information on the 5th Annual GFIRST National Conference, please visit: http://www.us-cert.gov/GFIRST.

A request for information (RFI) to support our cyber mission

In January 2009, DHS’ Cybersecurity & Communications shop hosted an Industry Day to open a dialogue between public and private sector technology providers. Today, as a follow-up to the Industry Day, DHS activated https://www.dhscyber.net for companies interested in responding to a request for information (RFI). The RFI is classified, but in general terms, it seeks information on prospective technical, end-to-end solutions that will help to protect the federal (.gov) cyber domain, and to facilitate cybersecurity improvements affecting the private sector. The effort will enable the Department to develop workable technology solutions while strengthening the relationship between the public and private sectors that is so critical to cybersecurity. Registration will remain open until July 22, 2009.

The Department is committed to increased collaboration between government and industry representatives. In May, President Obama noted in the first-ever Presidential address on cybersecurity:

“[i]t's the great irony of our Information Age -- the very technologies that empower us to create and to build also empower those who would disrupt and destroy. And this paradox -- seen and unseen -- is something that we experience every day.”

At Industry Day, DHS highlighted the need for private industry to become more involved in developing comprehensive, game-changing, innovative solutions that improve and expand upon our current capabilities to protect, detect, and respond to cyber incidents. The recent denial of service (DoS) incident only underscores that point. Our RFI is the next step in reaching out to stakeholders to assist us in advancing our capability to secure the nation’s critical cyber infrastructure and address future cyber challenges. For more information, we encourage you to visit FedBizOpps or email CIVendorInfo@dhs.gov.

Secretary Sits Down with Reporters

Secretary Napolitano sat down with some reporters and bloggers yesterday to answer questions and talk about her upcoming overseas travel and priorities for the summer. Reporters were free to ask questions on any topic – and so, the Secretary discussed counterterrorism, cybersecurity, PASS ID, and a number of other issues. We put the highlights together in the video below for your viewing pleasure. Check it out.

Viewing this video requires the Flash 9 plugin.

Click here for a transcript of the Secretary's remarks.

dhs.gov Spotlight: Career Opportunities

Interested in a career at the Department of Homeland Security? We're always updating career postings on dhs.gov. Check out the most recent opportunities from our Office of Cybersecurity and Communications here, and visit our careers page for openings from around the Department.

Secretary Napolitano Speaks about an Emerged Threat

Last night, Secretary Napolitano spoke at the World Affairs Council Global Education Dinner on an issue that affects all of us: Cybersecurity. It touches every level of government and every part of our daily lives. From our nation's power supply to personal records to bank accounts, it's our responsibility to keep these systems safe. The Secretary spoke at length last night on the topic, and just finished some thoughts on the issue for you to read. Check those out over at the Leadership Journal.