Home Archive RSS/XML Subscribe Shop

[ISN] House committee keeps pressing DHS on cybersecurity

From: InfoSec News <alerts_at_infosecnews.org>
Date: Mon 18 Jun 2007 - 01:03:33 CDT
http://www.fcw.com/article103011-06-15-07-Web

By Jason Miller
June 15, 2007

Lawmakers continue to investigate the vulnerability of the Homeland 
Security Departments information technology networks.

The investigation, which started April 30 with a letter to department 
Chief Information Officer Scott Charbo, will continue June 20 when the 
House Homeland Security Committees Emerging Threats, Cybersecurity, and 
Science and Technology Subcommittee will hold a hearing examining the 
issues DHS faces and what it is doing to improve its security.

In a letter to Charbo May 31, committee Chairman Bennie Thompson 
(D-Miss.) asked an additional 12 questions about the status of DHS 
networks, how the agency is mitigating risks, when it last audited 
contractors and internal systems, and more specifics on the data 
security breaches Charbo reported in answers to the first set of 
questions.

Charbo will testify next week along with Greg Wilshusen, director of 
information security issues at the Government Accountability Office, and 
Keith Rhodes, GAOs chief technologist.

The subcommittee will begin examining specific incidents that occurred 
on DHS networks including rootkits, classified leaks, compromised Web 
sites, bot infections, unauthorized use of networks by contractors and 
viruses, according to a subcommittee briefing paper on the hearing. GAO 
will describe an engagement they completed for the chairman on a 
specific DHS network that is riddled with significant information 
security control weaknesses that place sensitive and personally 
identifiable information at increased risk of unauthorized disclosure.?

The subcommittee will also look at DHS network consolidation project, 
called OneNet, and its plans to continue investigating incidents on 
contractor-run networks, the briefing paper states.

Charbo has until today to answer Thompsons latest questions. Among the 
items Thompson is requesting:
    
* A full network topology diagram.
* DHS plans to remedy vulnerabilities before converging networks under 
  OneNet.
* A list of funding reductions for DHS directorates that are not 
  mitigating risks and completing their security improvement milestones.
* DHS latest assessment of its wireless systems.
* DHS latest assessment of its contractor-run networks.
Received on Mon Jun 18 01:03:33 2007
Google
 
Web www.infosecnews.org
© Copyright 2007 InfoSec News
Home Archive RSS/XML Subscribe Shop Privacy