Six federal security programs that are making a difference

SANS list turns up a half-dozen success stories in government

When it comes to information security issues, the stories that get the most ink are usually the ones about massive data breaches and other foul-ups, especially if they occur within government.

That's one of the reasons why the Bethesda, Md.-based SANS Institute has decided to come out with a list that focuses on what it considers to be some of the more successful security efforts within the federal government. "It gets old if all you ever do is take potshots" at entities that suffer breaches, said Alan Paller, SANS' director of research.

The six initiatives in the SANS list were selected based on actual evidence of having made substantial and measurable improvements in one or more of three areas, according to Paller. Those three areas are the ability to prevent cyber attacks against critical infrastructure targets, reducing national vulnerability to cyber attacks, and minimizing damage and recovery time from attacks that do occur.

Among the six in the SANS list, which was released Monday, are the following:

The Federal Desktop Core Configuration (FDCC) initiative

The FDCC effort helps government agencies reduce procurement costs and improve the security of their desktop environments by requiring agencies to implement standard baseline security configurations on all their Windows XP and Vista desktops. The configurations were originally developed and used by the U.S. Air Force with help from the National Security Agency, the Defense Information Systems Agency and the National Institute of Standards and Technology (NIST). The move helped the USAF reduce patching time from 57 days to less than 72 hours and helped reduce desktop procurement costs by over $100 million for the USAF, the SANS report noted.

The USAF's success has prompted an effort to implement similar baseline standards on millions of desktops across the government in the form of the FDCC. "The most important success in federal government cybersecurity to date is the Federal Desktop Core Configuration (FDCC) and its predecessor proof-of-concept project in the U.S. Air Force," the SANS report said.

The US-CERT Einstein program

The Einstein Program is an initiative to improve cybersecurity-related situational awareness across the civilian federal government. The program enables full-time monitoring, sharing and analysis of network traffic data across federal agencies to help them more rapidly detect and respond to cyberattacks. So far, 14 federal agencies have deployed Einstein monitors on their network gateways to capture network traffic information and feed it to an analysis program run by the US-CERT on behalf of the U.S. Department of Homeland Security.

This technology demonstrated its promise when it helped the Department of Agriculture rapidly identify a system penetration based on an analysis of network packets that had been transmitted from its network to the Department of Transportation. The Einstein program is especially important "in an age of botnets where increasing numbers of federal systems are infected through spear phishing and then used to attack other organizations or to steal sensitive information," SANS noted.

The National SCADA Test Bed and Control Systems Security Program

This effort was spurred largely by post-9/11 fears of cyberattacks against the nation's power utility infrastructure. The Supervisory Control and Data Acquisition (SCADA) test bed program is designed to help identify vulnerabilities in the control systems that manage power plants, electric distribution systems, oil and gas pipelines, water systems, transportation systems, and dams. Vulnerabilities, when found, are reported to the vendors for remedial action, and become part of the required procurement checklist for future purchases.

The effort is led by the U.S. Department of Energy and a group of others including DHS, the State of New York, the Idaho National Laboratory, Sandia National Laboratory, Pacific Northwest National Laboratory (PNNL), and a consortium of control system vendors. "Many vulnerabilities in control systems have been found and corrected, and, using the new procurement specifications, buyers of SCADA and control systems can tell vendors exactly what is needed," SANS noted in its report.

The Department of Defense's Common Access Card (CAC) program

The two-factor authentication supported by the DoD's common-access smart card identity credentials has greatly strengthened access controls to non-classified defense systems. The SANS report quoted a USAF officer as saying that common access cards had contributed to a 46% decline in successful intrusions of defense systems in 2006. The success of the CAC program has led to a broader effort to implement similar two-factor authentication systems government-wide under Homeland Security Presidential Directive-12 (HSPD-12), the SANS report said.

The other two efforts that made the SANS list were the General Services Administration's SmartBuy program and a joint cybercrime-fighting program from the Department of Justice and the FBI.

The SmartBuy program is designed to reduce technology procurement costs through government-wide aggregation of commercial off-the-shelf software products. On the security side, the program is allowing agencies to acquire encryption software at greatly reduced costs, according to SANS. The Justice Department's Computer Crime and Intellectual Property Section (CCIPS) and the FBI's Cyber Security Program office work together to combat cybercrime by going after and prosecuting cyber crooks more vigorously.

Copyright © 2007 IDG Communications, Inc.