DHS Chief Defends Einstein Technology Following GAO Report

Department of Homeland Security Secretary Jeh Johnson on Saturday issued a statement emphasizing the important role played by the agency’s Einstein network intrusion detection technology following a report last week (TRDaily, Jan. 29) from the Government Accountability Office that said DHS needed to do more to improve the capabilities of its National Cybersecurity Protection System which provides the Einstein technology to protect the networks of federal agencies.

The GAO report said, among other things, that NCPS was “partially, but not fully, meeting its stated system objectives” regarding the Einstein technology, which it said was limited on several fronts including an inability to detect deviations from predefined baselines of normal network behavior, and limitations on the types of network traffic that it was able to monitor.

In his statement over the weekend, Mr. Johnson emphasized that the first two phases of the Einstein system had been deployed to all federal civilian departments and agencies and had, “in fact proven invaluable to identify significant incidents.”  And he emphasized that the third phase of the Einstein system – which now protects “50% of the government and is now available to 100% of the government” – can use classified threat data and ensure that government networks are “protected against our most sophisticated adversaries.”  He said that the third phase of the system, dubbed Einstein 3A, has blocked more than 700,000 “cyber threats.”

“The EINSTEIN system is not a silver bullet,” Mr. Johnson said. “It does not stop all attacks, nor is it intended to do so. It is part of a broader array of defenses.”

He continued, “Further, as GAO notes correctly, the current version of EINSTEIN only blocks cyber threats we know about. But EINSTEIN also provides a platform for new technologies to protect the government. I have therefore directed our team to research and build capabilities that will allow us to detect never-before seen attacks, leveraging the best of government and private sector technology and expertise.”

Mr. Johnson said DHS “will continue to ensure that every department and agency to which EINSTEIN 3A is now available is in fact protected by the program in the near future. I have communicated directly to Cabinet members to ensure that we collectively prioritize this. Recognizing the importance of EINSTEIN, Congress has also mandated that all federal civilian agencies participate in the program by the end of 2016.” – John Curran, john.curran@woltesrkluwer.com

Courtesy TRDaily