16 Dec 10. U.S. Homeland Security Secretary Janet Napolitano today stressed the need for shared responsibility and strategic partnerships to secure cyberspace.
“This has got to be a team effort,” Napolitano said at a cybersecurity symposium held in Washington. “No one agency can do it alone. Cybersecurity is about effective partnerships and shared security.”
She said a layered approach to security and partnerships is the key to
cybersecurity, rather than a top-down or government-down approach. She added that cybersecurity has ramifications that go beyond the Internet.
“The Obama administration is committed to working closely with our partners across government and in the private sector to achieve a cyberspace that is safe and resilient and that remains a source of opportunity and growth,” Napolitano said.
The Homeland Security and Defense departments are working together to combat cyberattacks, she said, and pointed to an agreement she signed with Defense Secretary Robert Gates in October to align their capabilities to protect military and civilian networks.
“For the first time ever, there are individuals stationed at [the National Security Agency] for particular protections in a civilian context and to tap into those incredible capabilities,” Napolitano said. “We need colleges and universities to make cybersecurity a multidisciplinary pursuit,” she added.
Napolitano also called on the government to continue working to secure federal civilian networks and help the private sector secure the cyber infrastructure. (Source: GCN)
16 Dec 10. The U.S. government’s main code-making and code-cracking
agency now works on the assumption that foes may have pierced even the most sensitive national security computer networks under its guard.
“There’s no such thing as ‘secure’ any more,” Debora Plunkett of the National Security Agency said on Thursday amid U.S. anger and embarrassment over disclosure of sensitive diplomatic cables by the web site WikiLeaks. The most sophisticated adversaries are going to go unnoticed on our networks,” she said. Plunkett heads the NSA’s Information Assurance Directorate, which is responsible for protecting national security information and networks from the foxhole to the White House. “We have to build our systems on the assumption that adversaries will get in,” she told a cyber security forum sponsored by the Atlantic and Government Executive media organizations. The United States can’t put its trust “in different components of the system that might have already been violated,” Plunkett added in a rare public airing of NSA’s view on the issue. “We have to, again, assume that all the components of our system are not safe, and make sure we’re adjusting accordingly.” The NSA must constantly fine tune its approach, she said, adding that there was no such thing as a “static state of security.” More than 100 foreign intelligence organizations are trying to break into U.S. networks, Deputy Defense Secretary William Lynn wrote in the September/October issue of the journal Foreign Affairs. Some already have the capacity to disrupt U.S. information infrastructure, he said. Plunkett declined to comment on WikiLeaks, which has started releasing a cache of 250,000 diplomatic cables, including details of overseas installations that officials regard as vital to U.S. security. Official have focused publicly on Army Private Bradley Manning, who is being detained at a Marine Corps base in Quantico, Virginia, as the source of the leak. NSA, a secretive Defense Department arm that also intercepts foreign communications, conceives of the problem as maintaining the availability and assuring the integrity of the systems it guards, rather than their “security,” she said. NSA — which insiders jokingly used to say referred to “No Such Agency” — also focuses on standardization and auditing to hunt for any intrusions, Plunkett said. She referred to the development of sensors for eventual deployment “in appropriate place