Government unveils computer emergency response team
The Homeland Security Department on Monday announced the creation of a U.S. Computer Emergency Response Team that is designed to become the country's premier "CERT," superseding the private-sector center long run by Carnegie Mellon University.
Homeland Security officials said the CERT would "begin as a partnership" between the National Cyber Security Division within the department and Carnegie Mellon's CERT Coordination Center.
"The U.S. CERT will become the dominant CERT within the community," said Robert Liscouski, Homeland Security assistant secretary of infrastructure protection. He said the center wants to reduce the government's response time for detecting and responding to computer viruses and worms to 30 minutes by the end of 2004.
Liscouski also formally announced that Amit Yoran, Symantec's vice president of managed security services, has been named as the department's cybersecurity director, a nomination reported last week in National Journal's Technology Daily. Tech industry officials offered praise for Yoran, who will be responsible for the U.S. CERT.
The announcements were made at a breakfast sponsored by the Information Technology Association of America (ITAA) and were greeted politely by technology industry officials. But Liscouski alluded to the fact that the technology industry has criticized the Bush administration's attention thus far to cybersecurity within the department.
"Do we have the right emphasis on cybersecurity?" he asked rhetorically. "We have not buried it."
At the same time, some in the audience expressed nervousness about one of the goals for the center identified by Liscouski: to "develop standards to provide us detection methods and tools" for reducing the warning times on viruses.
Asked about whether establishing a government CERT will mean less cooperation with the private sector, ITAA President Harris Miller said, "It will be more collaborative, not less." Carnegie Mellon President Jared Cohen pledged to work cooperatively with Homeland Security.
Established in 1988 to serve as an early-warning system on computer threats, the Carnegie Mellon CERT is part of the university's Software Engineering Institute and is funded by the Defense Department. In recent years, the center has been criticized for its co-sponsorship of the Internet Security Alliance (ISA), which is affiliated with the Electronic Industries Alliance.
Mary Ann Davidson, chief security officer for Oracle, said the team has been "tarnished by selling advanced information of vulnerabilities" to ISA subscribers. She asked Liscouski whether the U.S. CERT would offer "equal access, equal opportunity" to information about vulnerabilities or whether information would be distributed on a sector-by-sector basis.
"This is an attempt to be across the board and have everyone learn" simultaneously about vulnerabilities, Liscouski said. Davidson expressed satisfaction with the reply.
This "shows the [Homeland Security Department] is starting to really get organized and implement programs to counter cybersecurity problems," said Dan Burton, vice president of government affairs for Entrust.
The department "should get credit for working hard on cyber issues and taking them very seriously and reaching out to industry," said Bill Guidera, Microsoft's policy counsel.
Rep. Adam Putnam, R-Fla., praised the new initiative, noting that currently, "the United States is not adequately prepared to ward off a serious cyberattack that could cause severe economic devastation."