27 Mar 12. Arizona Republican Sen. John McCain said in budget hearings March 27 that he is dissatisfied with the Defense Department’s limited role in defending cyberspace and criticized the Homeland Security Department’s ability to oversee civilian cybersecurity. “Most of us who have been through an airport have no confidence in the technological capability of the Department of Homeland Security,” he said. With $3.4bn requested for fiscal 2013, cybersecurity is one of the few areas of expanding investment in an otherwise lean DOD budget, Army Gen. Keith Alexander, commander of the U.S. Cyber Command and director of the NatiSecurity Agency, told the Senate Armed Services Committee. Alexander called cybersecurity a team sport in which DOD cooperates with DHS and the FBI. He said the Cyber Command’s primary responsibility is to protect DOD networks and respond to attacks from outside U.S. borders, while DHS has responsibility for protecting civilian infrastructure in the U.S. The hearing on the fiscal 2013 budget requests for the U.S. Strategic and Cyber Commands became a duel over opposing views of how the nation’s cyber defense should be structured, with McCain, the committee’s ranking Republican, maintaining that DOD should be given complete responsibility. McCain said the idea that DHS should oversee the security of civilian and privately owned networks was “most curious” and called the separate roles of the departments “stovepipes at the ultimate.” Sen. Joseph Lieberman (I-Conn.) defended the DHS role, saying that the teamwork approach does not create siloed missions but relies on cooperation and information sharing. McCain and Lieberman have introduced competing cybersecurity bills that underscore their different approaches. Lieberman’s Cybersecurity Act of 2012 (S. 2105) is a comprehensive bill that would give DHS authority to oversee minimum security requirements for designated privately owned critical infrastructure. McCain’s Secure IT Act (S. 2151) focuses only on enabling information sharing between the public and private sectors and includes no role for DHS and no security requirements for private infrastructure. (Source: GCN)
27 Mar 12. The Federal Bureau of Investigation’s top cyber cop offered a grim appraisal of the nation’s efforts to keep computer hackers from plundering corporate data networks: “We’re not winning,” he said.
Shawn Henry, who is preparing to leave the FBI after more than two decades with the bureau, said in an interview that the current public and private approach to fending off hackers is “unsustainable.” Computer criminals are simply too talented and defensive measures too weak to stop them, he said. ‘You never get ahead, never become secure, never have a reasonable expectation of privacy or security,’ says Shawn Henry, executive assistant director of the FBI. His comments weren’t directed at specific legislation but came as Congress considers two competing measures designed to buttress the networks for critical U.S. infrastructure, such as electrical-power plants and nuclear reactors. Though few cybersecurity experts disagree on the need for security improvements, business advocates have argued that the new regulations called for in one of the bills aren’t likely to better protect computer networks. Mr. Henry, who is leaving government to take a cybersecurity job with an undisclosed firm in Washington, said companies need to make major changes in the way they use computer networks to avoid further damage to national security and the economy. Too many companies, from major multinationals to small start-ups, fail to recognize the financial and legal risks they are taking—or the costs they may have already suffered unknowingly—by operating vulnerable networks, he said. (Source: WSJ)
27 Mar 12. Saab received an order from the Dutch authority Rijkswaterstaat regarding delivery of the AIS automatic identification system. The system will increase safety on the Dutch waterways.
The contract