Jeh Johnson issues statement on deployment of EINSTEIN 3A
On January 11, Department of Homeland Security Secretary Jeh Johnson issued the following statement regarding the deployment of Einstein 3A.
During my tenure as Secretary of DHS we have worked aggressively to enhance the cyber security of federal civilian executive branch networks. This has included deployment of EINSTEIN across all civilian departments and agencies. EINSTEIN 1 has the ability to monitor traffic across these networks. EINSTEIN 2 has the ability to detect unwanted or suspicious traffic in these networks. EINSTEIN 1 and 2 have been deployed since August 2015.
E3A has the ability to prevent unwanted intrusions and exfiltrations by known bad actors. And, to date, E3A has blocked over one million potential cyber threats on the networks it is covering. E3A is also valuable in that it has the capability to identity unwanted intrusions or exfiltrations with the use of classified information. E3A will also serve as a platform for future technology that will block suspected bad actors.
In May 2015, only about 28% of the civilian workforce was covered by E3A. At the time, I directed our cybersecurity team to make at least some aspects of E3A available to all civilian departments and agencies by the end of 2015. We met that deadline. Next, I directed our team to focus on ensuring that all civilian departments and agencies were actually using at least some aspects of E3A for the protection of their networks by the end of 2016.
I’m pleased to report that, as of the end of 2016, E3A is providing coverage to all civilian cabinet-level departments, and a total of 45 federal departments and agencies, representing 93% of the civilian workforce of the executive branch. This includes the Departments of Energy, Commerce, Homeland Security, Interior, Justice, Labor, State, Veterans Affairs, and the Office of Personnel Management. DHS is working with the remaining departments and agencies to employ E3A protections on their networks within a short period of time. I encourage these few remaining departments and agencies to work with us to deploy E3A and other cybersecurity protections across their networks as soon as possible.