CERT Not So Certain

A new report on the U.S. department in charge of cybersecurity reveals it has vast responsibility but little and confusing authority to get the job done.

An article on the Washington Post website cites the report, titled “U.S. Computer Emergency Readiness Team Makes Progress in Securing Cyberspace, but Challenges Remain,” and calls its contents “chilling.”

“CERT is understaffed, with no capacity to do anything other than process data for anomalies and react to breaches after the fact with fixes it has no authority to enforce,” says the article. The report points to problems that include a “broken hiring process” that severely delays new employees from starting their jobs, a significant threat detection and response time, and the government’s lack of authority to act on any of its own safety recommendations.

The article calls for a public-private research and development partnership that would give the government more authority and support, since most networks in the nation’s cyber infrastructure are privately owned.

To read the Washington Post article, click here:
http://www.washingtonpost.com/wp-dyn/content/article/2010/06/19/AR2010061902645.html