Of all the cybersecurity and information-sharing services that the Department of Homeland Security provides to its private-sector partners, perhaps none of them were as widely used and as well-liked as the U.S. Computer Emergency Readiness Team, or US-CERT, web portal.
So earlier this year, when word began to circulate that the portal would be moved to the Homeland Security Information Network, or HSIN, a special nationwide resource for first responders, there was consternation among many US-CERT users.
“There are critical and highly used technical attributes that currently reside within the US-CERT portal but are not currently available within HSIN,” wrote Bill Nelson, the president and CEO of the Financial Services Information Sharing and Analysis Council, or FS-ISAC, in an April letter to DHS Management Undersecretary Russell Deyo.
The previously unreported letter said the attributes that would be lost during the migration to the new HSIN back-end included:
- Browser agnosticity — The US-CERT portal supported the use of any generally available browser. HSIN only works properly with Internet Explorer version 11.
- User anonymity — “Anonymization is a critical requirement for private sector” users, Nelson wrote.
- Protected Critical Infrastructure Information — PCII is data that companies owning or operating vital national industries can submit to DHS to specially protect it from disclosure. The PCII repository — with special tools for tracking the disclosures — was a plugin for the US-CERT portal, but not for HSIN.
- Single sign on — The US-CERT portal allowed government users to sign on with two-factor identity from their own department’s network.
“We believe that this planned migration will likely undermine a mature cybersecurity information-sharing and collaboration environment,” the letter states.
Former and current officials said those concerns were widespread before the migration Dec. 16. Although it wasn’t immediately clear how users had reacted since then, a DHS official acknowledged the transition “will not necessarily be seamless.”
“Companies are reticent to share information that could help competitors,” said John Cohen, a law enforcement veteran who held several senior posts at DHS. Anonymity such as that provided by the US-CERT portal “provides a sense of comfort to business executives,” he said. Cohen declined to comment directly on the migration decision.
“The biggest concern was about a possible loss of functionality, the ability to interact with the site,” said one current official not authorized to speak on the record about the issue.
A DHS official told CyberScoop via email the migration had taken place on schedule, and been carried out “to leverage existing DHS enterprise capabilities while continuing to provide secure information sharing capabilities to our stakeholders.” He added the US-CERT portal had been renamed the National Communications and Cybersecurity Integration Center, or NCCIC portal.
“DHS acknowledges changes will not necessarily be seamless for previous US-CERT portal users,” the official said, adding that “Users were provided multiple opportunities to participate in training and demonstrations to facilitate the transition and increase familiarity with the new interface of the HSIN platform. Training is still available to HSIN users.”
Asked about the functionality of the old portal, the official said the new platform “has been configured such that it offers users similar information sharing services on a different technology stack.”