The Federal Deposit Insurance Corp., seeking to reassure the public and congressional overseers about its online security, says it will sign up for the Department of Homeland Security’s Einstein intrusion detection service and has hired Booz Allen Hamilton to independently assess its IT security and privacy procedures.
The agency — which has come under fire this year from independent watchdogs and congressional investigators for its cybersecurity following a series of ‘insider’ breaches last fall and and revelations about a 2010 penetration by suspected Chinese hackers — last week quietly launched a new page on its website touting measures it is taking to improve its cyber posture.
‘The FDIC is committed to protecting sensitive information and is seeking to ensure the public is aware of the steps we are taking on cybersecurity,’ spokeswoman Barbara Hagenbaugh said via email.
The webpage says the agency has signed a ‘memorandum of understanding’ with DHS to implement Einstein 3A — the department’s signature-based intrusion detection and prevention system.
FDIC ‘has begun an active engagement with [DHS] to implement Einstein,’ said Hagenbaugh.
The webpage also states that the agency has ‘engaged an independent, third-party firm to conduct an end-to-end assessment of the FDIC IT security and privacy programs.’
Hagenbaugh confirmed that the firm was Booz Allen Hamilton, a fact first reported by Federal News Radio, but she declined to give any further details.
Officials said the assessment would look at process, technology and staffing, and would provide a measurable plan for improvement.