
U.S. Declassifies Part of Secret Cybersecurity Plan

(@douglasbrush)

http://www.wired.com/threatlevel/2010/03/us-declassifies-part-of-secret-cybersecurity-plan/

The declassified portion of the plan published Tuesday includes information on only part of the initiative and does not discuss cyberwarfare. The plan instead discusses the deployment of Einstein 2 and Einstein 3, intrusion detection systems on federal networks designed to inspect internet traffic entering government networks to detect potential threats.

DHS (Department of Homeland Security) is deploying, as part of its EINSTEIN 2 activities, signature-based sensors capable of inspecting Internet traffic entering Federal systems for unauthorized accesses and malicious content. The EINSTEIN 2 capability enables analysis of network flow information to identify potential malicious activity while conducting automatic full packet inspection of traffic entering or exiting U.S. Government networks for malicious activity using signature-based intrusion detection technology. . . . EINSTEIN 2 is capable of alerting US-CERT in real time to the presence of malicious or potentially harmful activity in federal network traffic and provides correlation and visualization of the derived data. . . .

The EINSTEIN 3 system will also support enhanced information sharing by US-CERT with Federal Departments and Agencies by giving DHS the ability to automate alerting of detected network intrusion attempts and, when deemed necessary by DHS, to send alerts that do not contain the content of communications to the National Security Agency (NSA) so that DHS efforts may be supported by NSA exercising its lawfully authorized missions.

The Einstein programs have raised concerns among privacy and civil liberties groups, such as the Center for Democracy and Technology, because they involve scanning the content of communications to intercept malicious code before it reaches government networks.

It can be a workable plan if there is private sector involvement and/or independent watchdog and auditing ability to balance security with privacy. Long road to go but hopefully a start that won't stall out of the gates.


   