[ISN] DOD to hold security stand-down
InfoSec News
isn at c4i.org
Thu Nov 17 02:25:36 EST 2005
http://www.fcw.com/article91462-11-16-05-Web
By Frank Tiboni
Nov. 16, 2005
The Defense Department will hold a "security stand-down" Nov. 29 to
focus on information assurance and network security.
Military and civilian employees at the major commands, services and
agencies will focus on better protecting DOD data and systems. One
step will involve changing passwords, said Air Force Lt. Gen. Charlie
Croom, director of the Defense Information Systems Agency and
commander of the Joint Task Force for Global Network Operations
(JTF-GNO). He spoke Nov. 16 during a luncheon sponsored by the
Washington, D.C., chapter of AFCEA International.
Croom said DOD will stand down on security the same way the services
do when one of their aircraft crashes or experiences problems. He said
the department will focus on enterprise security.
Strategic Command (Stratcom), the major command that oversees the
operation and protection of the military's networks, issued the
security stand-down order the week of Nov. 7. DOD employees will
conduct certain activities to strengthen and become more aware of
network security, said Tim Madden, a spokesman for JTF-GNO. He
declined to elaborate.
Croom said DOD networks are being intruded on. "The enemy is among
us," he said.
He added that some DOD officials are concerned about the amount of
hardware and software manufactured overseas and whether they might
incorporate malicious code. He said one way to fight the problem is to
require companies to assure DOD that their products are safe and for
the military to monitor them closely.
Croom said Marine Corps Gen. James Cartwright, Stratcom's commander,
told him to start directing actions on the networks. Croom said he has
begun taking a proactive role to strengthen network security instead
of collecting information about and getting status reports on DOD's
data systems.
The security stand-down comes three months after Federal Computer Week
reported that China has been hacking into U.S. military networks and
obtaining military secrets, including future command and control
information. DOD officials are now considering new policy and
acquisition initiatives to improve information assurance.
More information about the ISN
mailing list