DHS to begin deployment of Einstein 3 system this year

Einstein 3 will provide DHS “with the ability to automatically detect and disrupt malicious cyber activity”, Napolitano told an audience at the George Washington University Homeland Security Policy Institute.

The department is currently implementing Einstein 2, which alerts US Computer Emergency Readiness Team (US-CERT) to respond when it detects unauthorized users trying to access government systems. Napolitano said that deployment of Einstein 2 would be completed this year.

Einstein 3, which was developed by the National Security Agency, would automate much of that response. Einstein 1 and 2 focused on intrusion detection, while Einstein 3 will also prevent intrusions.

Einstein 3 expands information sharing by US-CERT, enabling automation of the US-CERT alert process.

There has been opposition to Einstein 3 from privacy advocates. Critics are worried about the involvement of the NSA, particularly because of reports that NSA was involved in wiretapping US citizens during the Bush administration.

Ari Schwartz, a former vice president of the Center for Democracy and Technology, commented about Einstein 3 in July of 2009: “There are a number of concerns that come with this process, the main one being how do you go about protecting the system in a way that insures you’re not monitoring private systems. I don’t have a full answer to that question."

What’s hot on Infosecurity Magazine?