While a $6 billion federal security system operated by the U.S. Department of Homeland Security (DHS) recently came under fire for not doing its job properly, the agency’s top cyber official came to the defense of plans to expand the system despite the longstanding criticism, The Hill reported Thursday (Feb. 11).
Through a secret audit by the Government Accountability Office (GAO), the Einstein system, originally known as the National Cybersecurity Protection System (NCPS), was found to be inadequate when it comes to detecting attempted cyberattacks on federal agencies’ networks.
The GAO report said that by using only signature-based intrusion detection, as opposed to indicating an attack by examining anomalies or odd traffic patterns within a network, the system is essentially limited in how effective it can really be.
“GAO recommends that DHS take nine actions to enhance NCPS’ capabilities for meeting its objectives, better define requirements for future capabilities and develop network routing guidance. DHS concurred with GAO’s recommendations,” the report stated.
Though many security experts see DHS’ Einstein program as both behind-the-times and unnecessarily expensive, the White House’s recent request to inject billions into cybersecurity initiatives will see even more funding being poured into Einstein, as the intrusion-blocking software stands to expand its coverage across the entire government, The Hill explained.
Days after the Obama administration released its Cybersecurity National Action Plan (CNAP), with the $19 billion being requested for the initiatives marking a 35 percent increase over the current fiscal year, DHS made it clear that Einstein is ready for the new funding and greater expansion.
Phyllis Schneck, the head of DHS’ cyber division, said CNAP will “enable us to go faster, go bigger.”
While Schneck didn’t argue against the fact that Einstein has been around a long time, noting that the technology has been around for nearly 25 years, she said the White House’s plans will lay the foundation to making the cybersecurity system a “vital program.”
According to The Hill, Schneck described the proposed funding as “going from vaccines” to “building an immune system,” as it will be used to integrate leading private sector detection tools within Einstein to boost its capabilities.