[2] The program was originally developed to provide "situational awareness" for the civilian agencies and to "facilitate identifying and responding to cyber threats and attacks, improve network security, increase the resiliency of critical, electronically delivered government services, and enhance the survivability of the Internet."
[6] With FedCIRC at its core, US-CERT was formed in 2003 as a partnership between the newly created DHS and the CERT Coordination Center, which is at Carnegie Mellon University and funded by the U.S. Department of Defense.
[5] US-CERT delivered EINSTEIN to meet statutory and administrative requirements that DHS help protect federal computer networks and the delivery of essential government services.
[7][8] Therefore, a new version of EINSTEIN was planned to "collect network traffic flow data in real time and also analyze the content of some communications, looking for malicious code, for example in e-mail attachments."
[11] EINSTEIN is the product of U.S. congressional and presidential actions of the early 2000s, including the E-Government Act of 2002, which sought to improve U.S. government services on the Internet.
The Consolidated Appropriations Act of 2016[13] added 6 USC 663(b)(1), which requires the Secretary of Homeland Security to "deploy, operate, and maintain" a capability to detect and prevent cybersecurity risks in network traffic in federal information systems.
[19] When it was created, EINSTEIN was "an automated process for collecting, correlating, analyzing, and sharing computer security information across the Federal civilian government."
[20] In addition, the program addresses detection of computer worms, anomalies in inbound and outbound traffic, and configuration management, as well as real-time trends analysis, which CISA offers to U.S. departments and agencies on the "health of the Federal.gov domain".
[25] In the Privacy Impact Assessment (PIA) for EINSTEIN 2 published in 2008, DHS gave a general notice to people who use U.S. federal networks.
DHS also assumes that people have at least a basic understanding of how computers communicate and know the limits of their privacy rights when they choose to access federal networks.
To secure its data, US-CERT's center began a DHS certification and accreditation process in May 2006 and expected to complete it by the first quarter of fiscal year 2007.