New DHS Cybersecurity Strategy Sets Broad Goals, Hints at Tech Needs
Published: May 24, 2018
The Department of Homeland Security has released a strategy with seven goals to address cyber risks to IT networks and critical infrastructure.
Last week, Department of Homeland Security (DHS) released a strategy outlining how they plan to improve their ability identify and manage national cybersecurity risk and to address the evolving threats to the nation’s cyber and critical infrastructure security.
The DHS Cybersecurity Strategy sets out a vision that in the next five years DHS “will have improved national cybersecurity risk management by increasing security and resilience across government networks and critical infrastructure; decreasing illicit cyber activity; improving responses to cyber incidents; and fostering a more secure and reliable cyber ecosystem through a unified departmental approach, strong leadership, and close partnership with other federal and nonfederal entities.”
In the news release announcing the new strategy DHS highlighted the following “five pillars” of their risk management approach and framework for performing their cybersecurity responsibilities.
- Risk Identification: Assess the evolving national cybersecurity risk posture to inform and prioritize risk management activities.
- Vulnerability Reduction: Protect federal government information systems by reducing the vulnerabilities of federal agencies to ensure they achieve an adequate level of cybersecurity.
- Threat Reduction: Reduce national cyber threats by countering transnational criminal organizations and sophisticated cyber criminals.
- Consequence Mitigation: Respond effectively to cyber incidents to thereby minimize consequences from potentially significant cyber incidents through coordinated community-wide response efforts.
- Enable Cybersecurity Outcomes: Strengthen the security and reliability of the cyber ecosystem by supporting policies and activities that enable improved global cybersecurity risk management and execute departmental cybersecurity efforts in an integrated and prioritized way.
The following goals and success outcomes comprise the substance of the strategy:
Goal 1: Assess Evolving Cybersecurity Risks – Understand the evolving national cybersecurity risk posture to inform and prioritize risk management activities. DHS would regularly adjusts cybersecurity programs and policy efforts to account for evolving technologies and operational priorities.
Goal 2: Protect Federal Government Information Systems – Reduce vulnerabilities of federal agencies to ensure they achieve an adequate level of cybersecurity. Success indicators include federal agencies maintaining an adequate level of cybersecurity, commensurate with their risks and with those of the federal enterprise. Further, federal agencies would utilize DHS capabilities, tools, and services to identify and mitigate cyber threats and vulnerabilities before they do significant harm.
Goal 3: Protect Critical Infrastructure – Partner with key stakeholders to ensure that national cybersecurity risks are adequately managed. Success indicators include reduced national risks to critical infrastructure, especially those that could impact national security, public health and safety, and economic security. In addition, cybersecurity stakeholders would increasingly leverage information shared by DHS to quickly understand risks and protect their systems and for all of the 16 critical infrastructure sectors to be aware of cyber risks to their sector and maintain sufficient policies and capabilities to support risk management efforts.
Goal 4: Prevent and Disrupt Criminal Use of Cyberspace – Reduce cyber threats by countering transnational criminal organizations and sophisticated cyber criminals. Success indicators include utilizing investigative and forensic capabilities and resources more effectively support investigations of sophisticated cyber criminals.
Goal 5: Respond Effectively to Cyber Incidents – Minimize consequences from potentially significant cyber incidents through coordinated community-wide response efforts. Success indicators include enabling coordinated and timely victim notifications, providing technical and other asset response assistance, where requested and appropriate, and supporting national-level decision-making and emergency management efforts.
Goal 6: Strengthen the Security and Reliability of the Cyber Ecosystem – Support policies and activities that enable improved global cybersecurity risk management. Success indicators include more secure and resilient technologies and networks that result in a more defensible cyber ecosystem. This includes leveraging new technologies resulting from DHS-supported R&D that increase cyber- capabilities to protect from, respond to, and investigate cyber incidents as well as recruiting and training a highly-skilled cybersecurity workforce.
Goal 7: Improve Management of DHS Cybersecurity Activities – Execute departmental cybersecurity efforts in an integrated and prioritized way. Success indicators include increased coordination and integration of the DHS cybersecurity mission and programs that meet its goals and objectives.
The strategy has been met with mixed reviews in Congress. Granted, it arrives more than a year later than anticipated and is light on implementation details.
Still to come is a corresponding implementation plan to outline DHS component roles, responsibilities, programs, and timelines for accomplishing the goals and objectives outlined in the strategy. The implementation plan is a requirement of the 2017 National Defense Authorization Act (NDAA). Further, DHS plans to annually assess implementation of the strategy and report findings to the DHS Secretary, details of which will likely become elements of Congressional testimony or briefings.
For technology companies seeking to aid DHS in their mission there continues to be opportunities around cybersecurity risk management, including tools and methodologies that facilitate effective risk assessment and help automate risk management policies and processes. Further, tools that improve protections and increase incident detection, mitigation and response capabilities continue to be in demand – especially those that increase automation and free up precious human capital. Cyber-workforce training services and tools are also likely to play a key factor the federal cyber landscape for years to come.
From a broader perspective, industry will do well to continue to innovate technologies that are inherently more secure and resilient that can be implemented to increase the overall security posture of the federal cyber ecosystem.