Department of Homeland Security Mission:
To lead the unified national effort to secure the country and preserve our freedoms. While the Department was created to secure our country against those who seek to disrupt the American way of life, our charter also includes preparation for and response to all hazards and disasters.
DHS Strategic Plans
- Protect Our Nation from Dangerous People
- Protect Our Nation from Dangerous Goods
- Protect Critical Infrastructure
- Strengthen Our Nation’s Preparedness and Emergency Response Capabilities
- Strengthen and Unify DHS Operations and Management
The DHS has over 230,000 employees in 29 disparate entities. They complete missions from border protection to aviation security. DHS’s far reach and relative youth, make it a place where successful and innovative ideas can succeed.
Cyber/Information Technology Initiatives
Cyber security actions in DHS go far beyond internal IT security. DHS is also responsible for working collaboratively with public, private and international entities to secure cyberspace and America’s cyber assets. Many of these functions are conducted by the National Cyber Security Division (NCSD).
NCSD programs include:
- National Cyberspace Response System
- Federal Network Security
- Cyber-Risk Management Programs
DHS established Cyber Security Research and Development Center in 2004. SRI International “provides technical, managerial, and administrative support for the Center. SRI is a leader in information security research and the creation of innovative business models and partnerships.”
In July 2010, OMB directed that DHS take primary responsibility in the executive branch for operational aspects of security in civilian agency federal systems covered by FISMA. DHS also gets input to OMB regarding agency security budgets. DHS is also responsible for:
- Overseeing government-wide and agency reporting on cybersecurity policies and guidance;
- Assisting government-wide and agency efforts to provide adequate, risk-based and cost-effective cybersecurity;
- Overseeing agencies’ compliance with FISMA and to help OMB develop the FISMA annual report;
- Annual reviews of agencies’ cybersecurity programs;
- Overseeing agencies’ cybersecurity operations and incident response, as well as helping with appropriate assistance.
Stop. Think. Connect. – Private sector Cybersecurity campaign
- “This campaign will enhance our efforts during October and beyond to educate, engage and empower the American public to take charge of their safety and security online. It will challenge the American public to be more vigilant about establishing smart habits that will lead to increased protection online.” – Howard A Schmidt, program coordinator
DHS is a key cyber player, of course, and the current leadership at DHS is open to collaboration with industry and is continuing to seek out new ideas on how to partner with industry. DHS will continue to influence, in a positive way, the security of the federal space.
However, this influence is frequently overestimated. DHS is busy and in general seems too busy to help defend other agencies. And they are influential in the policy domain, but DoD’s influence is clearly greater.
We recommend those seeking to do business with DHS determine the best office to target for dialog, since decisions are made based on mission needs of the particular office being served.
Items of Interest
DHS Launches Intellectual Property Rights Website
DHS launched the National Intellectual Property Rights Coordination Center website. This website is dedicated to information, news releases, media, published reports and electronic forms for property rights violation reporting. The Intellectual Property Rights Center is the forefront of the US government’s response to global IP theft. IP is one of the US’s current greatest exports, and it is constantly being stolen.
Cloud security fears exaggerated, says federal CIO
DHS is vetting cloud providers to host the public websites of US Citizenship and Immigration Service as well as FEMA. DHS CIO, Richard Spires, believes public cloud vendors are on a path to handle more sensitive government information, especially after security certification is complete. Spires recognizes the fear and cybersecurity concerns that often come with moving to the cloud. Spires actually believes that cloud adoption will solve many cyber security issues.
Stuxnet clones may target critical US systems, DHS warns
Officials with DHS warned that hackers could attack the country’s power generation plants, water treatment facilities and other critical infrastructure with clones of the Stuxnet worm. Stuxnet’s efficacy was proven in the attacks on Iranian nuclear facilities. If Stuxnet is to be weapon of choice among malicious adversaries, critical infrastructures need to batten down the hatches and protect themselves from such attacks.
US signs cybersecurity agreement with India
US and Indian governments signed an agreement to increase the sharing of information on cybersecurity and terrorism. This MOU fulfills of pillar of the dialog between the two nations launched in 2009. This agreement establishes best practices for sharing critical cybersecurity information and expertise between the two CERT teams. Coordinating and sharing information provides a better informed cyber defense and can open up larger markets for sales.
DHS and DoD negotiating logistics of cyber partnership
DHS and DoD have been divvying up cyberspace responsibilities — but it is constantly in flux and changing. DHS is working on a companion piece to the recently released DoD Strategy for Operating in Cyberspace. It is important to understand where duties lie — especially for contractors who are hoping to sell to specific needs and missions.
Homeland Security Official: Some Foreign-Made Electronics Compromise Cybersecurity
Greg Schaffer, acting deputy undersecretary at the National Protection and Programs Directorate told the House Oversight and Government Reform Committee. Schaffer admitted that some foreign-made components in American electronic devices have been found to be pre-designed to allow cyber attacks. This question of cyber supply-chain vulnerabilities needs to be answered.
DHS Cybersecurity Database has its own Vulnerabilities IG Reports
DHS owns an automated critical asset management system which is web-enabled. This information is used to “prevent, deter, respond to, and mitigate cyber risks, threats and incidents.” However, the DHS IG reports that there are many vulnerabilities in this system. Local administrators lacked up-to-date training and account management was less than stellar. Lastly, in one redacted part — specific software vulnerabilities and defects are pointed out. If you have a database system that is already tracking and managing cybersecurity data — this could be a prime opportunity.
‘Cross-border Campaign’ Needed To Police Cyber Crime
Janet Napolitano said DHS is increasingly recruiting local police forces to aid in tracking down extremists planning terrorist attacks. Napolitano sees the internet as an accelerant for extremists — allowing them to get closer together and plan more devastating attacks. Without coordinated cross-border efforts, this will continue to be an issue.
DHS Releases New Domain Name Risk Management Strategy
This document outlines response and mitigation methods for the three DNS risks of concern identified in the 2009 baseline IT Sector Risk Assessment. This strategy has 3 key recommendations:
- Promoting policies and best practices designed to limit information disclosure while restricting domain naming to known and trusted partners
- Implementing DNS data and configuration practices
- Enhancing training and education initiatives that focus on data file misuse, both intentional and unintentional
DNS is one of the weak points of any outward facing website, server or e-mail device.
New guidelines require agencies to document progress automating surveillance of cyber threats
DHS has released new information security guidance that requires agencies to report on progress installing tools that continuously monitor threats to computer networks. As DHS is taking over FISMA, the shift to purchasing these tools will grow. Continuously monitoring can help relieve some of the strain that checklists put on FISMA compliance.
DHS looking to take over FISMA implementation in new legislation
DHS (not OMB) would be responsible for maintaining FISMA — this would be similar to how USCYBERCOM is responsible for defending all military networks. Additionally, this legislation would allow industry to meet with DHS and work on policy and initiatives. Lastly, the bill would push FISMA towards more automation as well.
The DHS Services moving to the cloud
Below are the DHS services moving toward the cloud.
- Employment verification
- Data Center Services (Private Cloud)
- Website Hosting
DHS plans expansion of cybersecurity workforce
DHS is planning to grow its cybersecurity workforce by more than 50 percent. This is to meet the new legislative requirements of DHS.
Reitinger resigns Top DHS Cybersecurity Post
Reitinger is the top cyber and computer crimes official of DHS and states that he is retiring June 3.
Reitinger’s Quest: Build a Safer Internet
Recently published a white paper entitled Enabling Distributed Security in Cyberspace. This paper explores technical options for creating a more secure and resilient network of networks. It focuses on three security building blocks; authentication, automation and interoperability as the foundation for building security in cyberspace.
Investigation into RSA key fob hack
The RSA hack created a cascading issue throughout the federal government and DoD as well the IC. Look to see how the RSA issue pans out – but should have an effect throughout the government in terms of re-thinking security.
House bill would expand DHS authority over private networks
Executive Cyberspace Coordination Act would give DHS authority to establish “risk-enforced security practices and standards for critical infrastructure.” DHS would have the authority to create, verify, and enforce measures to protect information systems that control critical infrastructure. And the department would have the power to determine what critical infrastructure would be covered by the legislation.
DHS mandates HSPD-12 card use
Agencies must develop plans by 31 March to implement use of secure identity cards. DHS and the GSA will partner to implement this government-wide architecture necessary to align with the Federal Identity, Credential and Access Roadmap and Implementation Guidance (ICAM).
The plans must include the following:
- All new systems under development must use HSPD-12 cards prior to being made operational.
- Starting in fiscal 2012, existing physical and logical access control systems must be upgraded to use the secure ID cards prior to the agency using funding for further development or technology refresh.
- All procurements for products and services for facility and system access control must meet HSPD-12 standards and the Federal Acquisition Regulations to ensure interoperability.
- Agencies will accept and electronically verify secure ID cards issued by other agencies.
- They align with and implement the ICAM.
Napolitano: Cybersecurity is Not a Battlefield
“Some categorize the challenge as one for the market, or a looming war,” she said. “In my view, cyberspace is fundamentally a civilian space, and government has a role to help protect it, in partnership with the private sector and across the globe . . . both the market and the battlefield analogies are the wrong ones to use.”
Financial Services Sector Signs Cybersecurity Research Agreement with NIST, DHS
The National Institute of Standards and Technology (NIST) has joined in a new public-private partnership to spur cybersecurity innovation in the financial services sector. Through a memorandum of understanding signed on Dec. 6, 2010, NIST, the Department of Homeland Security Science and Technology (S&T) Directorate and the Financial Services Sector Coordinating Council agreed to work together to speed the application of research into practice for better cybersecurity for the critically important financial services sector.
DHS, DoD work to combat Cyber Threats Together
DHS and DoD recently signed agreement in which they will exchange personnel. DoD will share cyber analysts at the DHS National Cybersecurity and Communications Integration Center (NCCIC), while DHS, will send a senior staffer — as well as a team of DHS privacy, civil liberties and legal personnel — to work at NSA. CYBERCOM is definitely a target for civil liberties concerns, and can use DHS help here.
- 3/28/2012: The DoD, the DHS, Losing in Cyberspace, and More (fedcyber.com)
- Cronyism Revealed in Highest Levels of Napolitano’s DHS (infosecurity.us)
- NSA vs. DHS in Leading the US Cyber Security Initiative (silvertailsystems.wordpress.com)
- Cybersecurity Week at the House, Further Drone Hacking Claims by Iran, and More (fedcyber.com)
- White House Cybersecurity Coordinator Retiring, HTC Phones Blocked at Customs, and More (ctovision.com)
- DHS cybersecurity official leaves more questions than answers (theneteconomy.wordpress.com)
- DOD Announces the Expansion of Defense Industrial Base (DIB) Voluntary Cybersecurity Information Sharing Activities (ctolabs.com)
- White House Cybersecurity Coordinator Retiring, HTC Phones Blocked at Customs, and More (fedcyber.com)
- Threats to Industrial Systems Are Growing, Says Homeland Security Cyber Chief (fedcyber.com)