The Bush Administration needs to part with more information about a multi-billion dollar cybersecurity initiative intended to lock down federal government networks, two U.S. senators said in a recent letter to the U.S. Department of Homeland Security.

The letter -- sent out on Friday by Sen. Joe Lieberman (I-CT), the chairman of the Homeland Security and Governmental Affairs Committee, and Sen. Susan Collins (R-ME), the committee's ranking Republican member -- asked the White House to answer nearly a score of questions on the Comprehensive National Cybersecurity Initiative (CNCI). The initiative, established in January by executive order, created a five- to seven-year program to lock down federal networks by reducing the number of agency connections to the Internet -- from more than 4,000 to 50 -- and installing real-time monitoring systems on those access points. The Bush administration has refuse to part with many details of the initiative and has classified most of the program.

Yet, for proper congressional oversight, the White House needs to be more forthcoming, the senators stated in the letter.

"While certain operational details of the program are necessarily classified, additional efforts, where appropriate, to downgrade the classification or declassify information regarding the initiative would aid congressional oversight and permit broader collaboration with the private sector and outside experts," the senators said.

Members of the House of Representative have also sought details on the reportedly $30 billion plan to upgrade network defenses to ward off attacks from foreign nations and online criminals. In February, the House Committee for Homeland Security held a hearing on the CNCI, called simply the Cyber Initiative at the time because the Bush Administration had not formally acknowledged the program. At least a half dozen federal agencies have acknowledged, during congressional hearings, that their systems have been compromised in the past three year. Lawmakers have increasingly become concerned over the number of attacks coming from China, whether or not the attacks are actually sponsored by the nation.

Under the Comprehensive National Cybersecurity Initiative, the Department of Homeland Security (DHS) plans to triple its cybersecurity budget next year as a first step. The push for federal agencies to adopt a common set of desktop-computer configurations, dubbed the Federal Desktop Core Configuration (FDCC), is also considered to be part of the Comprehensive National Cybersecurity Initiative.

However, the senators questioned the DHS's intent to use contractors for certain positions, because the request does not follow recommendations set out by the Government Accountability Office. Moreover, the senators had a number of questions regarding the appointment of entrepreneur Rod Beckstrom to the two-year position of director of the new National Cyber Security Center, about which little is known because the existence of the agency had been classified.

The senators asked for clarifications on DHS responsibilities, guidelines on which parts of the program will be classified, information on the National Cyber Security Center, privacy protections and what metrics will be used to gauge the success of the program.

If you have tips or insights on this topic, please contact SecurityFocus.