Two things about the Department of Homeland Security's new National Cybersecurity Alert System: It won't be color-coded,...
and it will mean one additional e-mail alert IT administrators will have to sift through during a security incident.
Cybersecurity czar Amit Yoran this morning announced that the alert system is available, starting today, on a subscription basis from us-cert.gov. There will be separate alerts for technical audiences and for the end-user community.
The alert system is an action item called for by the National Strategy to Secure Cyberspace, which mandated the creation of a cybersecurity warning system, Yoran said.
In addition to alerting administrators about serious worm outbreaks and vulnerabilities, Yoran's office will also offer periodic tips on securing systems and addressing vulnerabilities.
"Alerts will be delivered in two fashions: One, [on] an event-driven basis -- to inform about activity on worms and vulnerabilities [and distributed denial-of-service attacks] to provide guidance and protect systems from being exploited. And, two, moving beyond response to taking a proactive stance," Yoran said. "We are going to provide periodic information to both communities on how to proactively secure systems and address vulnerabilities before they fall victim to viruses, worms and other attacks."
Yoran said the new alert system is not meant to compete with similar alert services from the private sector, in particular from antivirus vendors and large software vendors like Microsoft and Oracle Corp.
He said that the command center at the Dempartment of Homeland Security's U.S. Computer Emergency Readiness Team would track and measure vulnerabilities and other incidents to determine the appropriateness of sending out a national cybersecurity alert. Considerations would include how actively a vulnerability is being exploited and how visible an incident is in the community.
US-CERT represents a partnership between Yoran's office and the private sector. Yoran would not list the private-sector firms involved in the alert process, but he did say the CERT Coordination Center at Carnegie Mellon University would be an active participant.
"The alert system focuses on education, prioritization, awareness and information, sharing with the private sector," Yoran said. "This is one of the building blocks for public-private partnership."
FEEDBACK: How many security alert services do you subscribe to? Is the new system overkill?
Send your feedback to the SearchSecurity.com news team.
Dig Deeper on Information Security Incident Response-Detection and Analysis