http://www.thenewnewinternet.com/2010/06/21/richard-steinnon-dhs-not-using-right-tools-for-cyber-war/ The Latest News in Cybersecurity Fri, 20 Jan 2012 01:47:27 +0000 hourly 1 http://wordpress.org/?v=3.3.1 http://www.thenewnewinternet.com/2010/06/21/richard-steinnon-dhs-not-using-right-tools-for-cyber-war/comment-page-1/#comment-11015 Harmon Mon, 21 Jun 2010 18:15:45 +0000 http://www.thenewnewinternet.com/?p=6597#comment-11015 There is no silver bullet for security and your negative critique of the Einstein program seems to suggest you think there is. Furthermore, US-CERT was not established to authoritatively protect DHS networks in the sense of mitigation and quarantine, but instead from a reporting and trending aspect (as indicated on their website). Furthermore, your article would be better served if it included a critique AND solution rather than only point out what you think is missing. If you think that a "monitoring" solution is a waste of money, then please explain how MSSPs such as Symantec and Verizon continue to offer monitoring services to their constituents - and why those constituents feel the service is an invaluable aspect of their overall enterprise security posture. Tell us how you think one component within DHS can tell other government organziations how they should better defend their networks and infrastructure without congressional authority to do so? "The only tool in DHS's chest is a monitorying tool"...is this fact or your opinion? I'd be willing to bet DHS isn't gambling their success on "one" tool - perhaps you're just not well informed. "It's time for DHS to get serious about security"... perhaps you could help with a few suggestions instead of a flame session - IMHO. There is no silver bullet for security and your negative critique of the Einstein program seems to suggest you think there is. Furthermore, US-CERT was not established to authoritatively protect DHS networks in the sense of mitigation and quarantine, but instead from a reporting and trending aspect (as indicated on their website). Furthermore, your article would be better served if it included a critique AND solution rather than only point out what you think is missing. If you think that a “monitoring” solution is a waste of money, then please explain how MSSPs such as Symantec and Verizon continue to offer monitoring services to their constituents – and why those constituents feel the service is an invaluable aspect of their overall enterprise security posture. Tell us how you think one component within DHS can tell other government organziations how they should better defend their networks and infrastructure without congressional authority to do so? “The only tool in DHS’s chest is a monitorying tool”…is this fact or your opinion? I’d be willing to bet DHS isn’t gambling their success on “one” tool – perhaps you’re just not well informed. “It’s time for DHS to get serious about security”… perhaps you could help with a few suggestions instead of a flame session – IMHO.

]]>