Group items tagged

"As the federal government readies the third iteration of Einstein, privacy concerns over the intrusion detection system were voiced at a Senate hearing on Tuesday. Philip Reitinger, Department of Homeland Security deputy undersecretary for the National Protection and Programs Directorate, told the Senate Committee on the Judiciary's Subcommittee on Terrorism and Homeland Security that DHS envisions deploying Einstein 3 as an intrusion prevention system. Einstein 1 monitors network flow and Einstein 2 detects system intrusions. "This more robust version of Einstein would provide the federal government with an improved early warning and an enhanced situational awareness; the ability to automatically detect malicious activity; and the capability to prevent malicious intrusions before harm is done," Reitinger said. But Gregory Nojeim, senior counsel and director of Project Freedom, Security and Technology at the Center for Democracy and Technology, cited press accounts that Einstein 3 would rely on pre-defined signatures of malicious code that might contain personally identified information, and threaten the privacy of law-abiding citizens. "While Einstein 2 merely detected and reported malicious code, Einstein 3 is to have the capability of intercepting threatening Internet traffic before it reaches a government system, raising additional concerns," Nojeim testified. Einstein 3 reportedly could operate within the networks of private telecommunications companies, and Nojeim wondered if the technology could analyze private-to-private communications. "If Einstein were to analyze private-to-private communications, that would likely be an interception under the electronic surveillance laws, requiring a court order," he said. "

Government Information Security Podcasts As a GovInfoSecurity.com annual member, this content can be used toward your membership credits and transcript tracking. Click For More Info Probing Federal IT Security Programs: Gregory Wilshusen, GAO February 23, 2009 Government Accountability Office auditors will have a busy spring, examining a number of federal government programs aimed at securing government information systems and data. In an interview with GovInfoSecurity.com, Gregory Wilshusen discusses how the GAO is looking at how private industry and two dozen federal agencies employ metrics to measure the effectiveness of information security control activities. Other current GAO information security investigations he discusses include: Federal Desktop Core Configuration intended to standardize security features on personal computers purchased by the government. Trusted Internet Connection initiative aimed at slashing government Internet connections to fewer than 100 from more than 2,000. Einstein automated networking monitoring program run by U.S Computer Emergency Readiness Team. Gregory Wilshusen is director of information security issues at GAO, where he leads information security-related studies and audits of the federal government. He has more than 26 years of auditing, financial management and information systems experience. Before joining GAO in 1997, Wilshusen served as a senior systems analyst at the Department of Education as well as the controller for the North Carolina Department of Environment, Health and Natural Resources.