The House Committee on Homeland Security held a hearing on Thursday to discuss aspects of the U.S. government's Cyber Initiative, a classified program ordered by President Bush in an effort to boost the security of federal networks and systems. Among the government officials who testified at the hearing was Karen Evans, who serves as the de facto federal CIO in her capacity as administrator of e-government and IT at the White House Office of Management and Budget. In an interview with Computerworld Friday, Evans discussed the hearing and parts of the Cyber Initiative, including the involvement of the National Security Agency (NSA) and a plan to broaden the use of the government's Einstein network monitoring system and upgrade it by adding real-time threat-detection capabilities. Excerpts follow:

What should people take away from the House hearing? The big takeaway is that the federal government is moving forward in an accelerated way with the Cyber Initiative to ensure that we're properly protecting, and managing the risks associated with, the information we collect. And that we're working to ensure that there is privacy, and we're doing it in a very transparent way. This is really bringing together all the existing efforts [that were already underway] and driving that with very specific deadlines, which I welcome.

When you look at all the initiatives we're doing -- like the implementation of IPv6, HSPD-12 (a smart ID card program), Trusted Internet Connections, the activities we're doing under the policy memo from the president's identity theft task force, and the FDCC (Federal Desktop Core Configuration) -- that's a defense-in-depth vision.

In addition to those efforts, is there anything new that's required under the president's directive? The piece that's different is Einstein. Up to this time, Einstein was an optional program for federal agencies. With this initiative, it is no longer an option. Einstein is [a mandatory] part of the solution that sits at an external network connection.

There's another part that will change as well: the [U.S. Computer Emergency Readiness Team] will have more operational capabilities here, so to speak. If any agency isn't doing its part in maintaining everything that it needs to maintain at an external connection, US-CERT will have the ability to block that connection and reroute traffic through another gateway. That isn't [meant] to impact the agency's mission -- the missions of the agencies are first and foremost, and that will continue to go on. But if something isn't working right, US-CERT will have the ability to stop it.

For more enterprise computing news, visit Computerworld. Story copyright Computerworld, Inc.