Cyber Security—2010 Hearings Committee On
Total Page:16
File Type:pdf, Size:1020Kb
S. Hrg. 111–1103 CYBER SECURITY—2010 HEARINGS BEFORE THE COMMITTEE ON HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS UNITED STATES SENATE ONE HUNDRED ELEVENTH CONGRESS SECOND SESSION JUNE 15, 2010 PROTECTING CYBERSPACE AS A NATIONAL ASSET: COMPREHENSIVE LEGISLATION FOR THE 21ST CENTURY NOVEMBER 17, 2010 SECURING CRITICAL INFRASTRUCTURE IN THE AGE OF STUXNET Available via the World Wide Web: http://www.fdsys.gov/ Printed for the use of the Committee on Homeland Security and Governmental Affairs ( U.S. GOVERNMENT PRINTING OFFICE 58–034 PDF WASHINGTON : 2011 For sale by the Superintendent of Documents, U.S. Government Printing Office Internet: bookstore.gpo.gov Phone: toll free (866) 512–1800; DC area (202) 512–1800 Fax: (202) 512–2104 Mail: Stop IDCC, Washington, DC 20402–0001 VerDate Nov 24 2008 14:00 Nov 14, 2011 Jkt 058034 PO 00000 Frm 00001 Fmt 5011 Sfmt 5011 P:\DOCS\58034.TXT SAFFAIRS PsN: PAT COMMITTEE ON HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS JOSEPH I. LIEBERMAN, Connecticut, Chairman CARL LEVIN, Michigan SUSAN M. COLLINS, Maine DANIEL K. AKAKA, Hawaii TOM COBURN, Oklahoma THOMAS R. CARPER, Delaware SCOTT P. BROWN, Massachusetts MARK L. PRYOR, Arkansas JOHN MCCAIN, Arizona MARY L. LANDRIEU, Louisiana GEORGE V. VOINOVICH, Ohio CLAIRE MCCASKILL, Missouri JOHN ENSIGN, Nevada JON TESTER, Montana LINDSEY GRAHAM, South Carolina ROLAND W. BURRIS, Illinois EDWARD E. KAUFMAN, Delaware * CHRISTOPHER A. COONS, Delaware * MICHAEL L. ALEXANDER, Staff Director DEBORAH P. PARKINSON, Senior Professional Staff Member ADAM R, SEDGEWICK, Professional Staff Member BRANDON L. MILHORN, Minority Staff Director and Chief Counsel ROBERT L. STRAYER, Minority Director of Homeland Security Affairs DEVIN F. O’BRIEN, Minority Professional Staff Member TRINA DRIESSNACK TYRER, Chief Clerk PATRICIA R. HOGAN, Publications Clerk and GPO Detailee LAURA W. KILBRIDE, Hearing Clerk * Senator Coons replaced Senator Kaufman on the Committee on November 15, 2010. (II) VerDate Nov 24 2008 14:00 Nov 14, 2011 Jkt 058034 PO 00000 Frm 00002 Fmt 5904 Sfmt 5904 P:\DOCS\58034.TXT SAFFAIRS PsN: PAT C O N T E N T S Opening statements: Page Senator Lieberman ........................................................................................... 1, 39 Senator Collins.................................................................................................. 3, 40 Senator Carper ................................................................................................. 5 Senator McCain ................................................................................................ 15 Senator Burris .................................................................................................. 17 Senator Coons ................................................................................................... 59 Prepared statements: Senator Lieberman ....................................................................................... 65, 124 Senator Collins.............................................................................................. 67, 127 Senator Carper ................................................................................................. 70 WITNESSES TUESDAY, JUNE 15, 2010 Philip Reitinger, Deputy Under Secretary, National Protection and Programs Directorate, U.S. Department of Homeland Security ........................................ 6 Frances Fragos Townsend, Chairwoman of the Board, Intelligence and Na- tional Security Alliance ....................................................................................... 19 Alan Paller, Director of Research, The SANS Institute ....................................... 22 Steven T. Naumann, Vice President, Wholesale Market Development, Exelon Corporation, on behalf of the Edison Electric Institute and the Electric Power Supply Association .................................................................................... 25 Sara C. Santarelli, Chief Network Security Officer, Verizon Communications . 27 WEDNESDAY, NOVEMBER 17, 2010 Sean McGurk, Acting Director, National Cybersecurity and Communications Integration Center, Office of Cybersecurity and Communications, U.S. De- partment of Homeland Security .......................................................................... 41 Michael J. Assante, President and Chief Executive Officer, National Board of Information Security Examiners of the United States Inc. .......................... 44 Dean Turner, Director, Global Intelligence Network, Symantec Security Re- sponse, Symantec Corporation ............................................................................ 48 Mark W. Gandy, Global Manager, Information Technology Security and Infor- mation Asset Management, Dow Corning Corporation .................................... 52 ALPHABETICAL LIST OF WITNESSES Assante, Michael J.: Testimony .......................................................................................................... 44 Prepared statement with an attachment ....................................................... 142 Gandy, Mark W.: Testimony .......................................................................................................... 52 Prepared statement .......................................................................................... 165 McGurk, Sean: Testimony .......................................................................................................... 41 Prepared statement .......................................................................................... 129 Naumann, Steven T.: Testimony .......................................................................................................... 25 Prepared statement .......................................................................................... 101 Paller, Alan: Testimony .......................................................................................................... 22 Prepared statement .......................................................................................... 84 (III) VerDate Nov 24 2008 14:00 Nov 14, 2011 Jkt 058034 PO 00000 Frm 00003 Fmt 5904 Sfmt 5904 P:\DOCS\58034.TXT SAFFAIRS PsN: PAT IV Page Reitinger, Philip: Testimony .......................................................................................................... 6 Prepared statement .......................................................................................... 72 Santarelli, Sara C.: Testimony .......................................................................................................... 27 Prepared statement .......................................................................................... 109 Townsend, Frances Fragos: Testimony .......................................................................................................... 19 Prepared statement .......................................................................................... 80 Turner, Dean: Testimony .......................................................................................................... 48 Prepared statement .......................................................................................... 156 APPENDIX Statement for the Record from Robert D. Jamison, Former Under Secretary of Homeland Security for the National Protection and Programs Direc- torate ..................................................................................................................... 116 Responses to post-hearing questions submitted for the Record from: Mr. McGurk ...................................................................................................... 170 Mr. Assante ....................................................................................................... 173 Mr. Turner ........................................................................................................ 176 Mr. Gandy ......................................................................................................... 177 VerDate Nov 24 2008 14:00 Nov 14, 2011 Jkt 058034 PO 00000 Frm 00004 Fmt 5904 Sfmt 5904 P:\DOCS\58034.TXT SAFFAIRS PsN: PAT PROTECTING CYBERSPACE AS A NATIONAL ASSET: COMPREHENSIVE LEGISLATION FOR THE 21ST CENTURY TUESDAY, JUNE 15, 2010 U.S. SENATE, COMMITTEE ON HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS, Washington, DC. The Committee met, pursuant to notice, at 2:59 p.m., in room SD–342, Dirksen Senate Office Building, Hon. Joseph I. Lieber- man, Chairman of the Committee, presiding. Present: Senators Lieberman, Carper, Pryor, Burris, Collins, and McCain. OPENING STATEMENT OF CHAIRMAN LIEBERMAN Chairman LIEBERMAN. The hearing will come to order. Good afternoon and thanks for being here today. We are going to take a look at legislation Senators Collins, Carper, and I introduced last week, the Protecting Cyberspace as a National Asset Act. It pro- vides a comprehensive framework to modernize, strengthen, and coordinate our cyber defenses across civilian Federal networks and the networks of the most vital privately owned critical infrastruc- ture, including some real basics of American life: Our electric grid, financial systems, and our telecommunications networks. Today we are going to hear from the top cyber security official at the Department of Homeland Security (DHS), which, of course, has a critical role to play in protecting our cyber assets; and we are also going to hear from security and industry experts. We have, in preparing this legislation, consulted extensively with members of the Administration, people