Do you know what EINSTEIN is?

Albert_Einstein_HeadEinstein (also known as the EINSTEIN Program) is an intrusion detection system that monitors the United States federal government network gateways for unauthorized traffic. The software was developed by the United States Computer Emergency Readiness Team (US-CERT), an operational arm of the National Cyber Security Division (NCSD) at the Department of Homeland Security (DHS). The original program goal was to provide civilian agencies with “situational awareness”. While the first version analyzed network traffic and provided a cohesive view of Internet threats, today’s Einstein delivers significantly more.

Einstein was deployed in 2004 and its use until 2008 was voluntary. By 2005, it was used by three federal agencies and funding was available for six additional deployments. By December 2006, eight agencies participated in Einstein, and by 2007, the DHS itself adopted the program department-wide. By 2008, Einstein was deployed at fifteen of the nearly six hundred U.S. government agencies, departments and Web resources.

When it was created, Einstein was “an automated process for collecting, correlating, analyzing, and sharing computer security information across the Federal civilian government.” Einstein does not protect the private sector’s network infrastructure. As described in 2004, its purpose is to “facilitate identifying and responding to cyber threats and attacks, improve network security, increase the resiliency of critical, electronically delivered government services, and enhance the survivability of the Internet.”