Feature
News
2/12/2004
03:56 PM
Connect Directly
RSS
E-Mail
50%
50%

Q&A With Amit Yoran

A public-private partnership is crucial to improving IT security in the government and in enterprises, says Amit Yoran, head of the National Cyber Security Division in the Department of Homeland Security, in an exclusive interview with InformationWeek editors.

Amit Yoran is the director of the National Cyber Security division of the Information Analysis and Infrastructure Protection office at the U.S. Department of Homeland Security. Before his appointment last September, he was VP for managed security services at Internet security vendor Symantec Corp. Yoran also was founder and president and CEO of the managed security services firm Riptech Inc., which was acquired by Symantec in 2002. Yoran also was the director of the vulnerability-assessment program within the Computer Emergency Response Team at the Department of Defense and the network security manager, responsible for maintaining operations of the Pentagon's network. He has a bachelor's degree from the United States Military Academy at West Point and a master's from George Washington University.

Yoran recently spoke with InformationWeek editor Stephanie Stahl and InformationWeek security reporter George V. Hulme about initiatives under way at the National Cyber Security Division, cyberterrorism, software quality, and his views on the state of information security for the year ahead.

InformationWeek: When something like the recent ASN.1 Microsoft vulnerability is announced, how does the National Cyber Security Division at the Department of Homeland Security go about handling the information and the alert?

Yoran: We are running through the process with that vulnerability as we speak and will likely issue an alert on the topic. When we look at those topics and those issues, NCSD is focused on a number of key metrics and one of them is the pervasiveness of the technology that is vulnerable. Another metric would be the extent to which an exploit [code that attackers use to break into applications and systems] may or may not be occurring around any given vulnerability. And we look at whether or not there is any action that can be taken when it comes to defense and countermeasures. Candidly, we also look at the visibility around a vulnerability.

InformationWeek: Is the NCSD announcing some forums to help with the process of exchanging security-related information among various organizations?

Yoran: Yes, there are a couple of things we are doing around partnership programs. Some of which we have already launched and are under way and others we will be launching in the very near future. The ones that are in operation are really focused on the public sector side of things. The Government Forum of Incident Response and Security Teams includes those entities that have a 24/7 cybersecurity function responsible for protecting departments and agencies within the federal government, This forum was created to provide a cooperative environment where they can exchange situational awareness, technical information, tools and techniques, and countermeasures on a 24/7 basis among each other. This forum functions at the technical operator level.

Another group is the Chief Information Security Officers Forum, which we put together. That is a collaborative forum where CISOs within the federal government can get together and exchange their success stories, experiences, as well as those programs, technologies, and initiatives that have been successful for them and those that have been challenged. It's a forum where they can leverage one another's experiences and capabilities so we are not reinventing the wheel each time we implement security measures in the federal government.

The third forum we recently put together is the Cyber Interagency Incident Management Group. This is a forum where all of the major departments and agencies that have significant capabilities and authority to operate in the cyber realm can engage with one another to increase preparedness and coordination during a time of crisis. These include agencies with law-enforcement authorities, various components of the intelligence community and their cybersecurity operators, as well as the Department of Defense and a number of other federal and civilian organizations. So during a time of crises, the federal government itself is coordinated on the cyber front about which activities are occurring where and to make sure our resources are best focused.

Previous
1 of 5
Next
Comment  | 
Print  | 
More Insights
IT's Reputation: What the Data Says
IT's Reputation: What the Data Says
InformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business really views IT's performance in delivering services - and, more important, powering innovation. Our results suggest IT leaders should worry less about whether they're getting enough resources and more about the relationships they have with business unit peers.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Must Reads Oct. 21, 2014
InformationWeek's new Must Reads is a compendium of our best recent coverage of digital strategy. Learn why you should learn to embrace DevOps, how to avoid roadblocks for digital projects, what the five steps to API management are, and more.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
A roundup of the top stories and trends on InformationWeek.com
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.