GAO: Feds’ Einstein Program Comes Up Short: Intrusion Detection System has limited ability to detect breaches. Einstein relies on known signatures to identify intrusions rather than complex anomaly-based approach. Einstein doesn’t do a very good job in identifying deviations from normal network traffic, GAO says. The federal government has spent $1.2 billion from fiscal year 2009 to 2014 on the NCPS system, designed to protect civilian agencies. For the current fiscal year, DHS requested $480 million for network security deployment to safeguard government networks.”]
Source: https://www.cuinfosecurity.com/gao-feds-einstein-program-comes-up-short-a-8833