RSA Conference '09: Government's approach to network security

>> Today when we look at our networks when you look at our networks out there you've got a government network A, government network B and within maybe the services many little networks and firewalls and networks and no common visibility. How do you see those? How do you work those together? So one of the issues is we don't have a way of sharing and seeing the networks today in a timely manner. We've got to build that situational awareness. How do we see and pass that information at network speed for malicious software or malware? How do we get those signatures out and say heads up to our allies, to industry, to DHS and others if it is the exploitation arm of the DOD that's founded or the Intel community? How do we share that for the good of all? That's a tough one. Because in sharing it you're starting to give out a secret. I think we need to ere and put more into cyber security and we're doing that. Work to the defense. Defend the nation. Well what are the kinds of things that we have to see at network speed? The way it used to be is that you would find out that something penetrated a firewall or one of your, one of your systems weren't brought up to date. The antivirus community is superb. They do a great job, they absolutely do. But there is a gap there. And so how do we work together to close that gap to protect our networks with the signatures? How do we do that? What's the relationships between government and those and then how do we provide early warning? And there's where nations can work together. Because when you lay out the globe we're each early warning for others in that globe and there is a way that we can and should work together for the security of those networks and I think that's a huge step forward. One of the things that Mellissa Hathaway assumed spelling and her team has done that's absolutely superb is the outreach in a 60 day time period. With everything that she has to do a great outreach to industry and to our allies, absolutely superb and putting that forward and I know she's supposed to come here tomorrow and talk a little bit about that. Tough job. I think she's made some great leaps. What we need to do, we, the defense community over here, the Intel community figure out how we see this in cyberspace in real time and present the capability provide that early warning to others one job we have. The set can part and I've talked about this on the team, our team, all of us cause when you look at that we're in this team here. NSA is over here. The national security team providing the .mil, the Intel communities' networks. That's our job. The rest of the .gov that's the department of homeland securities job. We'll provide technical support and then we have critical infrastructure that we all depend on and we all have to work together with industry on that. DHS Lee we support, technical support. I see that as our role.

==== Transcribed by Automatic Sync Techologies ====