Testimony Provides Review of the Federal Cybersecurity Mission
HERNDON, VA – March 10, 2009 – NetWitness Corporation, the leading provider of next generation network monitoring and threat analysis solutions, announced today that its Chairman and CEO, Amit Yoran, testified before the House Homeland Security Committee on the issue of the Nation’s cybersecurity program and initiatives. In his testimony, “Reviewing the Federal Cybersecurity Mission,” Mr. Yoran discusses the Comprehensive National Cyber Initiative (CNCI), highlighting deficiencies and opportunities for improvement. A copy of the written testimony is available for download from the NetWitness website at www.netwitness.com .
“The past two years have brought about an unprecedented level of federal focus and attention to cybersecurity matters culminating in a portfolio of activities commonly referred to as the Comprehensive National Cyber Initiative (CNCI),” testified Mr. Yoran. “Advocacy for CNCI under the Bush Administration resided in the Office of the Director of National Intelligence (ODNI), under whose charge the billions of dollars in programs were conceived and orchestrated. While many of the CNCI programs are well intended and designed, there are several significant flaws in adopting the Bush Administration’s CNCI as an ongoing national cyber strategy.”
According to Mr. Yoran, there are several areas of the Federal Cybersecurity Mission that need improvement. The following is a high-level summary of the areas Mr. Yoran believes should be the focus:
White House Leadership An effective national effort to address cybersecurity can only succeed through continuous, active and decisive White House leadership.
Intelligence A national cybersecurity strategy must leverage the strength of the intelligence community, which in turn must continue to refine its ability to evaluate the quality and value of such information and accurately assess it in order to assure its appropriate dissemination to decision makers across the government and cyber defense community. It must change its culture and prioritize the defensive mission or allow DHS to effectively lead the defensive mission.
Research and Development While the private sector makes significant investment in incremental product, application and protocol improvements; fundamental research is required to meaningfully improve the security of the cyber and critical infrastructures. The government should inform the development of higher quality products in the unclassified and commercial space, not waste large amounts of scare research dollars on development of tactically improved government software.
Standards and Acquisition Reform There needs to be more dynamic methods for systems procurement and lifecycle management to ensure systems are replaced and updated on more frequent lifecycles. The government must use its acquisition powers to increase the security functionality of IT systems available in the commercial markets.
Legal Review and Privacy Oversight Without hard hitting, detailed legislation that structures governance and authorities, no program will be enabled to succeed. An immediate, thorough and transparent legal analysis of the governance, authority and privacy requirements of all operations to secure cyber infrastructure space must occur.
Homeland Security The Department of Homeland Security (DHS) has demonstrated inefficiency and leadership failure in its cyber efforts, and has squandered meaningful progress while adversaries continue to aggressively press their advantage. Investment needs to be made with greater focus on its operational mission and where it can add value in working with cyber defenders across the government and private sector.
Mr. Yoran recommended that the House Homeland Security Committee and Congress work together with the executive branch to assure these fundamental changes are made:
Mr. Yoran currently serves as CEO of NetWitness Corporation. He has previously served as the Director of the National Cyber Security Division and the US-CERT at the Department of Homeland Security; as CEO and founder of Riptech, a leading managed security services provider; and as a the manager of the Vulnerability Analysis Program of the US Department of Defense’s Computer Emergency Response Team. He received his Bachelor of Science degree in Computer Science from the United States Military Academy at West Point and Master of Science in Computer Science from The George Washington University. Mr. Yoran serves as a commissioner on the CSIS Commission on Cyber Security for the 44th Presidency and numerous other industry advisory bodies.
About NetWitness NetWitness® Corporation provides patented next generation network security monitoring software products. Users of NetWitness NextGen™ can concurrently solve a wide variety of information security problems including: advanced persistent threat management, data leakage protection, malware activity detection, insider threat detection, GRC controls verification and network-based e-discovery. Originally, developed for the US Intelligence Community, NetWitness has evolved to provide enterprises with breakthrough methods of network content analysis and risk verification and determination. Customers include Defense, National Law Enforcement and Intelligence Agencies, Top 10 U.S. Banks, Critical Infrastructure, and Fortune 1000 organizations.
To download the freeware version of NetWitness Investigator, visit http://download.netwitness.com. For more information about securing your entire organization with NetWitness NextGen, contact: sales@netwitness.com .