Napolitano Outlines DHS Response to RSA BreachSecretary Discusses How DHS Helps Businesses Address Threats
Napolitano said that after hackers targeted RSA's SecurID authentication offering (see DHS Responds to RSA SecurID Breach), DHS worked with the company, law enforcement and the intelligence community to mitigate the hazard, identified as an advanced persistent threat. "We took our understanding of the tools, tradecraft and techniques used by these malicious actors, and converted it into actionable information that all 18 critical infrastructure sectors could use to employ mitigation measures that would lower their risk to the type of attack we saw at RSA," Napolitano said
"Beyond working with critical infrastructure partners, we also partnered with antivirus companies so they could take proactive measures to stop possible threats from reaching an even broader audience," she said. "We worked with our federal agency partners to share and disseminate these indicators as widely as possible, thus reducing the risk to the federal government."
Napolitano said DHS's Science and Technology Directorate is leading efforts to develop and deploy more secure Internet protocols. "This is the only continuous research, development, test and evaluation and deployment effort in or outside the U.S. government," she said, adding that major information and communications companies as Verisign, Microsoft and Comcast have incorporated the DHS protocol to into their products. The secretary told the students the directorate also supports multiple efforts to protect Internet infrastructure from attack by creating new tools to detect malicious software on networks and new test beds and measurement techniques to help characterize and develop countermeasures for current and emerging cyber attacks.
In the speech, which amounted to a DHS state-of-cyber address, Napolitano spoke of a shared responsibility between government and the private sector, a theme she mentions in nearly every speech she makes on cybersecurity to secure cyberspace as a vital national and security priority.
Napolitano noted that a recent spate of high-profile breaches that included RSA, e-mail marketer Epsilon (see Epsilon Breach: The Growing Impact) and NASDAQ (see NASDAQ Breach: You Should be Concerned) is becoming commonplace, much like what happens in the real world. "Just as all cities experience some crime, so too does cyberspace," she said. "We cannot eliminate the risk entirely. While it can seem like the dangers posed in cyberspace are magnified because of its inherent openness, at DHS, we believe that by doing something we call enabling distributed security - making the open nature of the Internet one of its strengths - we can support the enormous potential of cyberspace while creating a secure environment."
The secretary said it's DHS's responsibility to lead the protection of critical infrastructure and its connections to cyberspace. "This is not something we can do by ourselves. It requires a full range of partners - including other government agencies, the private sector, as well as individual users of the Internet," she said. "Right now, we're building what we call a technical ecosystem based on an understanding of cyberspace as a civilian, distributed place, and also the policy ecosystem to support it."
She said she used the term ecosystem intentionally because cyberspace is a dynamic, constantly changing, even organic environment. "We cannot treat it as static or self-contained," she said.
Last month, DHS unveiled a technical vision for enhancing cybersecurity that it contends will empower individuals and enterprises to take action to enhance their own security operations (see DHS Envisions a Healthy Cyber Ecosystem). It has three primary building blocks: automation, interoperability and authentication. "Too often today, our cyberdefenses are ad hoc, manual processes," Napolitano said. "Because things in cyberspace move at Internet speed, we need to move to a system of automated defenses, with real-time detection capabilities and coordinated responses. As we all know from waiting for a page to load on our computers or mobile devices, a few seconds is a long time in cyberspace."