FedCIRC maps cyber battle plan

FedCIRC home page

The Federal Computer Incident Response Capability is planning programs for

the coming year to help agencies face the growing number of cyberattacks

and to coordinate warnings and responses across government.

The initiatives will be funded with the $8 million FedCIRC is due to

receive when the final appropriations bills are signed. FedCIRC is based

at the General Services Administration.

The changes will strengthen FedCIRC's abilities and will also include

new offerings that are intended to enhance the entire government's security

posture, said FedCIRC director Dave Jarrell, speaking at the Information

Technology Security Innovations conference in College Park, Md. Tuesday.

"There are no silver bullets, but what our initiatives do is shorten

the time it takes to respond," he said.

FedCIRC already has developed a solicitation to bring in a new private-sector

partner to focus on the day-to-day responses and advisories that the organization

provides to agencies. The Carnegie Mellon University Computer Emergency

Response Team (CERT), which currently serves in that capacity, will change

its efforts to analysis of incidents and attacks.

Another priority is the automated patch distribution system. FedCIRC

has been working on ideas for the system while waiting for funding to put

a contract and the system in place, Jarrell said.

FedCIRC will be building on the CIO Council's memo this month asking

agencies to develop formal methods to coordinate with FedCIRC, including

the development of a secure network that will enable federal security managers

to discuss incidents without worrying that information will leak out to

the public or the attackers, Jarrell said.

The organization also is moving forward with plans for a high-volume

phone and fax system that will help notify agencies when e-mail systems

are down and an AM radio advisory station that will notify federal employees

of potential cyber dangers during off-hours.

FedCIRC also is developing a new managed security services multiple-award

contract. The contract will enable agencies to find vendors that can provide

monitoring and alert skills that many agencies lack. It will also include

a way for agencies to feed information to FedCIRC via vendors, giving the

organization a complete snapshot of security problems across government.

"Agencies are going to have complete control over the depth and type

of monitoring and what information goes to FedCIRC," Jarrell said.