House committee keeps pressing DHS on cybersecurity

House committee keeps pressing DHS on cybersecurity
House committee keeps pressing DHS on cybersecurity 

By Jason Miller
June 15, 2007

Lawmakers continue to investigate the vulnerability of the Homeland 
Security Departments information technology networks.

The investigation, which started April 30 with a letter to department 
Chief Information Officer Scott Charbo, will continue June 20 when the 
House Homeland Security Committees Emerging Threats, Cybersecurity, and 
Science and Technology Subcommittee will hold a hearing examining the 
issues DHS faces and what it is doing to improve its security.

In a letter to Charbo May 31, committee Chairman Bennie Thompson 
(D-Miss.) asked an additional 12 questions about the status of DHS 
networks, how the agency is mitigating risks, when it last audited 
contractors and internal systems, and more specifics on the data 
security breaches Charbo reported in answers to the first set of 

Charbo will testify next week along with Greg Wilshusen, director of 
information security issues at the Government Accountability Office, and 
Keith Rhodes, GAOs chief technologist.

The subcommittee will begin examining specific incidents that occurred 
on DHS networks including rootkits, classified leaks, compromised Web 
sites, bot infections, unauthorized use of networks by contractors and 
viruses, according to a subcommittee briefing paper on the hearing. GAO 
will describe an engagement they completed for the chairman on a 
specific DHS network that is riddled with significant information 
security control weaknesses that place sensitive and personally 
identifiable information at increased risk of unauthorized disclosure.?

The subcommittee will also look at DHS network consolidation project, 
called OneNet, and its plans to continue investigating incidents on 
contractor-run networks, the briefing paper states.

Charbo has until today to answer Thompsons latest questions. Among the 
items Thompson is requesting:
* A full network topology diagram.
* DHS plans to remedy vulnerabilities before converging networks under 
* A list of funding reductions for DHS directorates that are not 
  mitigating risks and completing their security improvement milestones.
* DHS latest assessment of its wireless systems.
* DHS latest assessment of its contractor-run networks.

Attend Black Hat USA, July 28-August 2 in Las Vegas, 
the world's premier technical event for ICT security 
experts. Featuring 30 hands-on training courses and 
90 Briefings presentations with lots of new content 
and new tools. Network with 4,000 delegates from 
70 nations.   Visit product displays by 30 top
sponsors in a relaxed setting. Rates increase on 
June 1 so register today. 

Site design & layout copyright © 1986-2014 CodeGods