CERT Will Help Feds With Cybersecurity

The U.S. Department of Homeland Security and the CERT Coordination Center at Carnegie Mellon University are teaming to prevent and respond to cyberattacks on the Internet.

The new group, called the U.S. Computer Emergency Response Team--or US-CERT--will start as a partnership between the National Cyber Security Division in the Department of Homeland Security (DHS) and the CERT Coordination Center. CERT is a federally funded research and development center in Pittsburgh that receives money from the Department of Defense.

Coordination Planned

US-CERT will provide a center that coordinates both public and private response to cyberthreats, such as the recent Blaster and Sobig worm outbreaks, according to a DHS statement Monday.

The new group will also reach out to cybersecurity agencies in other countries. Its staff expects to coordinate with international CERTs, as well as with private security companies, to develop new detection tools and to encourage the use of common protocols to report software vulnerabilities.

The goal is to reduce both the government's and the private sector's response time to new vulnerabilities and threats to 30 minutes by the end of 2004, DHS says.

The group will also work with infrastructure owners and other technology experts to increase the use of security technologies and best practices.

Partnership Praised

The new partnership was welcomed by the security software industry.

Antivirus company Network Associates issued a statement Monday applauding the creation of the US-CERT.

"This is clearly another big step toward creating a 'culture of security'," says Vincent Gullotto, vice president of the Anti-Virus Emergency Response Team at Network Associates, in the statement.

The Business Software Alliance, a Washington, D.C., software industry group, also offered support for the creation of US-CERT.

In a statement, BSA President and Chief Executive Officer Robert Holleyman cites the need for "extensive cooperation" between public and private sector organizations to manage the country's critical infrastructure and "move this nation's cybersecurity preparedness to the next level."

Voluntary cooperation between business, government agencies, and academic institutions, as well as consumer support, is a cornerstone of the administration's National Strategy to Secure Cyberspace, released last year.