[Infowarrior] - Too many U.S. agencies tackle cybersecurity threats

Richard Forno rforno at infowarrior.org
Mon Jan 12 17:04:59 UTC 2009 

oo many U.S. agencies tackle cybersecurity threats
Published: Jan. 9, 2009 at 3:44 PM

http://www.upi.com/Security_Industry/2009/01/09/Too_many_US_agencies_tackle_cybersecurity_threats/UPI-76491231533856/

By LOREN B. THOMPSON
UPI Outside View Commentator

ARLINGTON, Va., Jan. 9 (UPI) -- Within the U.S. federal government,  
most of the funding allocated to information security and offensive  
cyber operations is spent by agencies of the Department of Defense.

The biggest player is the National Security Agency at Fort Meade, Md.,  
which since the early days of the Cold War has been engaged in  
collecting and analyzing signals intelligence.

The NSA appears to have lead responsibility for securing all  
intelligence networks, and it shares expertise with the Defense  
Information Systems Agency that oversees military networks.

U.S. Strategic Command is the lead combatant command responsible for  
information operations and cybersecurity. In addition, each of the  
military departments of the Department of Defense -- the U.S. Army,  
U.S. Navy and U.S. Air Force -- has a dedicated command for managing  
information networks and assuring their security.

Although it receives much less money for network operations and  
security than the Department of Defense, the U.S. Department of  
Homeland Security is the lead federal agency for coordinating national  
cyberdefense initiatives.

The Department of Homeland Security maintains a National Cyberspace  
Response System that includes the U.S. Computer Emergency Readiness  
Team. This is the best-known domestic responder to cyber incidents.

A National Cyber Security Center was recently established within the  
Department of Homeland Security to oversee the Comprehensive National  
Cybersecurity Initiative begun by the Bush administration in early  
2008. That initiative, which extends over many years and entails  
dozens of different projects, is supposed to integrate the security  
efforts of both defense and civil agencies in addressing all of the  
U.S. government's cyber vulnerabilities.

However, as this brief description of U.S. organization for  
cyberdefense demonstrates, the structure of the U.S. government does  
not lend itself to timely and consistent implementation of network- 
security measures. The threat is evolving too fast and on too many  
fronts.

No single agency can address the entire cyber challenge, because it  
crosses all organizational and operational boundaries. Various  
departments or agencies of the federal government may wish to lead the  
cybersecurity effort, but they all lack the authority to direct  
actions by organizations outside their budget or chain of command.

Only the White House has the power to lead such a multifaceted  
undertaking, and the National Security Council is the logical  
mechanism within the White House to take on that task. Without White  
House leadership, bipartisan support and public awareness, it is  
unlikely that the United States can defeat the danger to its vital  
information networks.

More information about the Infowarrior mailing list