Give Us 93 Million. We’ll Give You These Posters.
US-CERT, the cyber division of the Department of Homeland Security introduced 4 posters today with the hopes that businesses will print them out and hang them in break rooms across America- hopefully between the water cooler and the half-eaten box of donuts.
You can see the posters here:
To be fair, the first poster is a pretty concise list of best practices that should be adopted by any organization’s IT department. But the second poster urges everyone to report to US-CERT knowledge of “anyone in your organization receiving suspicious e-mails that include unsolicited attachments.” What a monumental waste of time it is to report virus attachments to the Feds.
If anyone reports an incident to US-CERT, they will be given an incident number.
…
That’s it. Just a number. It doesnt mean that US-CERT will do anything about your incident, such as report it to a law enforcement office, or help you recover from your incident. For instance, you receive a malicious attachment in an email, and you open it, and it installs a network-based keylogger. If you report this to US-CERT, they will gladly give you a number and tell you to have a nice day.
You are much better off particiating with an ISAC or an Information Sharing Analysis Center, which is an industry-focused information security analysis center. Those folks are much better equipped to actually respond and provide assistance than DHS, and if law enforcement is needed, a referral from an ISAC will garner a more immediate response than a citizen report.
President Bush has allocated 93 Million Dollars for NCSD in his 2007 budget. Details are here:
Cyber security is a key element of homeland security. The consequences of a cyber attack could cascade across multiple infrastructures and imperil public safety. The National Cyber Security Division (NCSD), now a part of the Preparedness Directorate, carries out the Department?s cyber security responsibilities. It was established in 2003, in response to the President?s National Strategy to Secure Cyberspace, as the national focal point for cyber security. Recognizing today?s interconnected environment, NCSD works collaboratively with public, private, and international entities to secure cyberspace and America?s cyber assets. The Budget includes $93 million for the NCSD?s program and activities.
A core component of NCSD is the U.S. Computer Emergency Response Team (US-CERT). US-CERT operates a round-the-clock cyber watch, warning, and incident response center. The center coordinates responses to cyber incidents, monitors the network activity of Federal agencies, and provides a web portal for secure communications with private and public sector stakeholders. US-CERT also operates a public website (www.us-cert.gov) and the National Cyber Alert System, which provides timely information to the public. In addition to its watch and warning function, US-CERT conducts malicious code analysis, improves the security of software, and conducts cyber threat and vulnerability analysis.
And they make nifty break-room posters.