Like Causes?

Install the App
TRY NOW

senate Bill S. 1869

EINSTEIN Arrives: Should the DHS Cybersecurity System be Available to All Federal Agencies?

Argument in favor

There have been too many significant breaches of federal networks, which point to a lack of urgency towards cyber security in the affected agencies. Requiring the adoption of DHS security systems should help prevent future breaches.

operaman's Opinion
···
08/10/2015
Hell yes! Great idea to have a common central Cyber-database. I'll personally pay for it myself right after I hack the Federal Reserve. Kinda sounds like that common radio frequencies supported post 2001 Twin Tower attack. Haven't heard how that's working out. Have you?
Like (4)
Follow
Share
Alis's Opinion
···
08/24/2015
The federal government is pitifully underfunded in the area of technology--only the worst will do. It doesn't make sense to expect government to function adequately (or protect the data of the citizenry) without decent equipment. EVERY AGENCY NEEDS IT NOW!
Like (2)
Follow
Share
jrs333's Opinion
···
08/12/2015
That is why the DHS was created, to be a warehouse of security information. So let's make it available.
Like (1)
Follow
Share

Argument opposed

Regardless of what network security system federal agencies use, there will always be breaches because there are highly motivated people that want to break into those networks. If EINSTEIN gets breached, it could affect every agency using the system.

Marvin's Opinion
···
08/23/2015
I think having only one could make us more vulnerable. I think we should hire hackers to hack the hackers.
Like (4)
Follow
Share
Seeya's Opinion
···
08/30/2015
Disband the DHS, they've done nothing but make every law abiding American a potential terrorist.
Like (3)
Follow
Share
TDJCatholicBlogger's Opinion
···
08/21/2015
This a very complex issue, but I will say that, for the moment, to have a single system protecting all government agencies would mean that once it's taken down for one agency, all agencies would become vulnerable. Perhaps a "both it and more" approach would be more resilient.
Like (3)
Follow
Share

What is Senate Bill S. 1869?

This bill seeks to improve federal network security by mandating that federal agencies adopt cybersecurity best practices, and accelerating the use of the Dept. of Homeland Security’s (DHS) intrusion detection and prevention system across the federal government. It responds to several high profile hacks at the Office of Personnel Management (OPM) and the Dept. of Defense (DOD) which compromised the personal information of federal employees and contractors.


Among the newly mandated cybersecurity controls that federal agencies must implement are two-factor authentication and encryption for sensitive systems. DHS and the Office of Management and Budget (OMB) would be required to do a comprehensive assessment of active breaches in federal networks to hunt down and remove intruders.

The DHS intrusion detection and prevention system known as EINSTEIN would made available to other federal agencies following uncertainty whether other agency could deploy the technology. EINSTEIN would be further strengthened by the addition of advanced cyber technologies including commercial tools. Agencies would be required to implement the system within one year of this bill’s enactment. Privacy protections for the system along with transparency and accountability concerns would be addressed in annual status reports to Congress.

All of these requirements would sunset after seven years, while both DHS and OMB would be subject to ongoing reporting to Congress on the implementation of the EINSTEIN system.

Impact

Federal employees and contractors whose information could be compromised by future breaches, federal agencies that haven’t adopted EINSTEIN for network security yet, DHS, OMB, DOD, and Congress.

Cost of Senate Bill S. 1869

A CBO cost estimate is unavailable.

More Information

In-Depth: This bill’s sponsor — Sen. Tom Carper (D-DE) — called the EINSTEIN program a “valuable tool that can help agencies detect and block cyber threats before they can cause too much harm.” Sen. Ron Johnson (R-WI), the lead cosponsor, added that had the system been in place it “likely would have stopped the hack of the Office of Personnel Management.”


This bill was approved unanimously by the Senate’s Homeland Security and Governmental Affairs Committee, and has received strong support from the Dept. of Homeland Security. The Secretary of DHS Jeh Johnson said that this is a “vital piece of legislation” and praised the enhanced security measures it would require.


Of Note: When the Office of Personnel Management was hacked — allegedly by China — it compromised the personal information of over 21.5 million people who work for or applied for jobs within the federal government.


That breach was followed by a hack of the Department of Defense’s email servers, which gave the intruder — believed to be Russia — access to Pentagon worker’s emails. It also wasn’t the first time the DOD’s networks have been breached in 2015, after Russia hacked into its unclassified network in April.


Media:

Summary by Eric Revell
(Photo Credit: Flickr user medithIT)

AKA

Federal Cybersecurity Enhancement Act of 2016

Official Title

A bill to improve Federal network security and authorize and enhance an existing intrusion detection and prevention system for civilian Federal networks.

bill Progress


  • Not enacted
    The President has not signed this bill
  • The house has not voted
  • The senate has not voted
      senate Committees
      Committee on Homeland Security and Governmental Affairs
    IntroducedJuly 27th, 2015
    Hell yes! Great idea to have a common central Cyber-database. I'll personally pay for it myself right after I hack the Federal Reserve. Kinda sounds like that common radio frequencies supported post 2001 Twin Tower attack. Haven't heard how that's working out. Have you?
    Like (4)
    Follow
    Share
    I think having only one could make us more vulnerable. I think we should hire hackers to hack the hackers.
    Like (4)
    Follow
    Share
    This a very complex issue, but I will say that, for the moment, to have a single system protecting all government agencies would mean that once it's taken down for one agency, all agencies would become vulnerable. Perhaps a "both it and more" approach would be more resilient.
    Like (3)
    Follow
    Share
    Disband the DHS, they've done nothing but make every law abiding American a potential terrorist.
    Like (3)
    Follow
    Share
    The federal government is pitifully underfunded in the area of technology--only the worst will do. It doesn't make sense to expect government to function adequately (or protect the data of the citizenry) without decent equipment. EVERY AGENCY NEEDS IT NOW!
    Like (2)
    Follow
    Share
    While certainly appealing on many levels, this would essentially create a single point of failure for our government's network security, and single points of failure are never a good thing.
    Like (2)
    Follow
    Share
    Never put all your eggs in one basket.
    Like (1)
    Follow
    Share
    Common sense. Sadly, this just highlights how incompetent our government is. EVERY SINGLE AGENCY SHOULD HAVE INTRUSION DETECTION AND PREVENTION, IDENTITY MANAGEMENT, FIREWALLS, FRAUD DETECTION AND EVERY OTHER TECHNOLOGY AVAILABLE TO SECURE OUR GOVERNMENT NETWORKS FROM ATTACK. The fact that other agencies don't already have these in place is mind shatteringly outrageous. DHS is a MUCH newer organization than the rest of the Government. They should be implementing solutions already in place at the FBI, CIA, NSA, etc.; not the other way around. If this does not lead to the wide spread termination of every leader and Sr. Security Architect across every agency in the government, it would be a tragic mistake.
    Like (1)
    Follow
    Share
    That is why the DHS was created, to be a warehouse of security information. So let's make it available.
    Like (1)
    Follow
    Share
    The more different systems in use the less likely a major breach
    Like (1)
    Follow
    Share
    DHS? Come on that dept should be eliminated, not spread!
    Like (1)
    Follow
    Share
    Federal government is loosing the cyber war, time to defend themselves better.
    Like (1)
    Follow
    Share
    If there is any unbreached database anywhere it would be good to attempt to firewall it ASAP .
    Like (1)
    Follow
    Share
    This money would be better spent creating a agency that would try and breach government security. Every security system has weaknesses. The most important thing is for the government to know their weakness before the bad guys do and not have confidence in their system
    Like
    Follow
    Share
    Proper standards need to be negotiated and implemented.
    Like
    Follow
    Share
    It is costly, and does the Department of Agriculture have anything that justifies that level of security?
    Like
    Follow
    Share
    DHS is all but a domestic spy agency. Plus such information would not have the requirement of court orders or warrants if shared with law enforcement. I am vehemently opposed.
    Like
    Follow
    Share
    I don't believe all government agencies should be linked. This sounds like only one door leads to all the leaders in the country.
    Like
    Follow
    Share
    If it is the best then it should be available to every American citizen not just the government
    Like
    Follow
    Share
    Where have we been made safer?
    Like
    Follow
    Share
    MORE