TIC Initiative: By the Numbers
It's not quite like pulling teeth, but the Obama administration doesn't like to discuss hard numbers when addressing the federal government's Trusted Internet Connection initiative, commonly known as TIC, that the Bush White House initiated in a November 2007 Office of Management and Budget memorandum.
At that time, an estimated 8,000 connections existed between federal executive branch information networks and the Internet, and the thinking was that the government could improve cybersecurity by drastically reducing the number of access points on the theory that fewer connections make it easier to identify potentially malicious traffic. The goal was to reduce the Internet access points to 50 by June 2008. An ambitious yet eventually impossible goal to attain.
So, how many TIC connections exist today? I asked Matt Coose, director of federal network security at the Department of Homeland Security's National Cybersecurity Division. Coose responded:
"One of the things we're trying to get folks to focus on is a little bit less on the actual number of connections ... and more on the consolidation aspects."
And for most of our conversation, Coose focused on the "Trusted" facet of TIC, saying what matters most is not the number of Internet access points but the quality of the Internet access points. The initiative specifies that each TIC adhere to 51 critical capabilities, including implementing the Einstein intrusion detection system. TIC 2.0 will be architected to employ the upgraded Einstein 2.
Being a pig-headed journalist, I kept asking Coose for the numbers, and he relented with some caveats. For instance, he said, precise numbers are hard to determine because of the flux caused by the migration away from less secure access points, including the need to change vendors..
As to the numbers, here's what Coose revealed:
- Eventually, executive branch agencies will connect to the Internet through 80 to 100 TICs, not the 50 envisioned by the Bush White House.
- About 50 TIC access points exist today.
- Executive branch agencies still use some 2,000 non-TIC Internet access points.
- By the end of December, about 80 percent of executive branch Internet traffic should pass through a TIC.
- It could take years before the remaining 20 percent of executive branch traffic to connect via a TIC.
The goals Coose outlined seem more realistic than those set by the Bush administration. And, conceivably they'll be achieved. But IT projects such as TIC - whether in government or the private sector - are complex, and meeting deadlines too often prove to be the exception and not the rule. I guess we'll know a year from now if Coose's estimates were correct. Of course, he'll say - and perhaps rightly so - that it's not the numbers but the quality of the connections that count.