Twitter Facebook Google RSS
Homeland Security News 

DHS Beefs Up Cybersecurity Efforts With Monitoring, Authentication Tools 


By Yasmin Tadjdeh 

The Department of Homeland Security is increasing its cybersecurity presence by using continuous monitoring tools and improving verifying measures, said a top department official.

As part of its continuous diagnostics and monitoring program, DHS is tracking activity across its systems for anomalies and viruses, said Richard Spires, the department’s chief information officer.

“We were really moving aggressively as a government into this whole area of continuous monitoring, as we call it,” said Spires.

While the program is being implemented across DHS, it will also cover the entire space, which DHS manages, Spires said at the Center for National Policy, a Washington, D.C.-based think-tank.

Continuous monitoring also allows for DHS to better gauge what products and services it needs to purchase. If one section of DHS owns more servers than it needs, continuous monitoring will be able to point that out and funds can be better allocated, Spires said. Transitioning to cloud computing could also assist with the effort, he said.

“You have all these servers out there, and when you do inventories, you find a lot of them are running at very low utilizations on average. We’ve still got to tackle that problem, and cloud computing helps us do that,” Spires said.

About $200 million was allocated for the program in a fiscal year 2013 budget request that went to Capitol Hill, Spires said.

Better education across the federal government is also needed, Spires said.

“With 200,000-plus employees, people are going to make mistakes. … How you deal with those also becomes a critical issue on cyber prevention,” said Spires. “DHS is taking this issue very, very seriously and really putting more and more resources in how do we better protect the homeland security enterprise and, in particular, critical infrastructure.”

DHS has also been implementing smart card authentication to obtain access to protected computers and areas, following instruction from the Homeland Security Presidential Directive 12 initiative. HSPD-12, released in 2004, called for federal employees and contractors to acquire secure, electronic identification.

“We all know that strong authentication — at least two-factor authentication — is a really critical aspect of good security today,” said Spires. “Within DHS, we’ve got nearly 100 percent of us that have these smart cards.”

When it comes to authenticating mobile devices, however, Spires said it is impractical to swipe the HSPD-12 card into a phone or tablet.

“We’re looking at things like derived credentials and how can we still do strong authentication in that particular environment.  This is an area that is not yet really mature from an industry perspective,” he said.

Photo Credit: Thinkstock
Reader Comments

Re: DHS Beefs Up Cybersecurity Efforts With Monitoring, Authentication Tools

Double-gate, or two-factor authentication, could be accomplished by developing a biologic fingerprint reader which plugs into a smartphone (or, use of the camera with an small, attachable liquid-based fingerprint scanner. Then you would have a biologic "key", and the passphrase.

Larry Mahana on 04/27/2013 at 16:47

Re: DHS Beefs Up Cybersecurity Efforts With Monitoring, Authentication Tools

DHS should make these tools available to the private industry. If it feels that sharing with public will make the vulnerabilities known to potential hackers,it should at least share a stripped down version of the tools so that the industry can come up with improvements. End of the day if US businesses suffer it is the US treasury that gets effected and eventually the general public.

John Dorapalli on 04/16/2013 at 22:33

Submit Your Reader's Comment Below
The content of this field is kept private and will not be shown publicly.
Please enter the text displayed in the image.
The picture contains 6 characters.
*Legal Notice

NDIA is not responsible for screening, policing, editing, or monitoring your or another user's postings and encourages all of its users to use reasonable discretion and caution in evaluating or reviewing any posting. Moreover, and except as provided below with respect to NDIA's right and ability to delete or remove a posting (or any part thereof), NDIA does not endorse, oppose, or edit any opinion or information provided by you or another user and does not make any representation with respect to, nor does it endorse the accuracy, completeness, timeliness, or reliability of any advice, opinion, statement, or other material displayed, uploaded, or distributed by you or any other user. Nevertheless, NDIA reserves the right to delete or take other action with respect to postings (or parts thereof) that NDIA believes in good faith violate this Legal Notice and/or are potentially harmful or unlawful. If you violate this Legal Notice, NDIA may, in its sole discretion, delete the unacceptable content from your posting, remove or delete the posting in its entirety, issue you a warning, and/or terminate your use of the NDIA site. Moreover, it is a policy of NDIA to take appropriate actions under the Digital Millennium Copyright Act and other applicable intellectual property laws. If you become aware of postings that violate these rules regarding acceptable behavior or content, you may contact NDIA at 703.522.1820.

  Bookmark and Share