The Department of Homeland Security (DHS) Jeh Johnson announced Wednesday that as of the end of 2016 the EINSTEIN 3A Accelerated (E3A) cybersecurity defense system is providing coverage to all civilian cabinet-level departments and 45 federal departments and agencies. However, this falls short of a mandate by Congress, Johnson previously noted, that all federal civilian agencies avail themselves of the program by the end of 2016.
The EINSTEIN program guards the perimeter of federal agency networks like a gateway and perimeter fence scanners. While it is deployed and operated by DHS, it is the responsibility of the individual government entities to adopt the system’s capabilities.
EINSTEIN 1 operates as a kind of recorder, observing basic information about activity entering and existing in a network. EINSTEIN 2 detects prohibited adversaries that enter networks and alerts personnel. E3A, residing with Internet Service Providers (ISPs) serving the government, can both identify and block known malicious traffic and uses classified information to protect unclassified government systems.
EINSTEIN 1 and 2 have been deployed across all civilian government departments and agencies since August 2015. At the start of 2017, E3A is providing coverage to all of the cabinet-level departments for a total of 45 departments and agencies, DHS said. This represents 93 percent of the civilian workforce in the executive branch, Johnson said in a statement Wednesday.
The department was unable to clarify what seven percent of the civilian workforce is falling short of the congressional mandate by publication time.
The 93 percent coverage is up from about 28 percent of the workforce covered in May 2015.
“At the time, I directed our cybersecurity team to make at least some aspects of E3A available to all civilian departments and agencies by the end of 2015. We met that deadline. Next, I directed our team to focus on ensuring that all civilian departments and agencies were actually using at least some aspects of E3A for the protection of their networks by the end of 2016,” Johnson said.
He highlighted that E3A has so far blocked over one million potential cyber threats and it has the capability to identify unwanted intrusions or exfiltrations with the use of classified information. However, it can only block known threats and is not intended to stop all threats, but will be a platform for future developments.
“E3A will also serve as a platform for future technology that will block suspected bad actors,” he added.
Departments and agencies covered by E3A as of the end of 2016 include the Office of Personnel Management (OPM) as well as the Departments of Homeland Security, State, Justice, Energy, Commerce, Interior, Labor, and Veterans Affairs.
DHS said it is working with the remaining departments and agencies to complete the use of E3A protection in their networking “within a short period of time.”
“I encourage these few remaining departments and agencies to work with us to deploy E3A and other cybersecurity protections across their networks as soon as possible,” Johnson said.