The Department of Homeland Security (DHS) was in the hot seat during last week’s Senate Committee on Homeland Security & Governmental Affairs hearing.
The takeaway? Exactly what you’d expect. DHS is trying its best to improve the nation’s cybersecurity posture, but the threats are growing and evolving rapidly.
“We’re playing defense, and we’re behind,” said committee Chairman Sen. Ron Johnson, R-Wis.
Unsurprisingly, America’s key cyber adversaries–Russia, China, and North Korea–were referenced throughout the hearing.
Sharing is Caring
Threat data sharing is essential for combatting cybersecurity threats, said Jeanette Manfra, assistant secretary, Office of Cybersecurity and Communications at DHS, at the hearing. She discussed steps that the agency’s National Protection and Programs Directorate (NPPD) has taken to improve the speed and accuracy of its information sharing practices.
“By bringing together all levels of government, the private sector, international partners, and the public, we are taking action to protect against cybersecurity risks, improve our whole-of-government incident response capabilities, enhance information sharing of best practices and cyber threats, and to strengthen resilience,” Manfra said.
Eric Rosenbach, co-director of the Belfer Center for Science and International Affairs at Harvard University, agreed that DHS has improved information sharing capabilities but said further steps are needed.
“DHS must empower the private sector to bolster its cyber defenses by continuing to strengthen information sharing with high-risk sectors,” he said. “This is particularly urgent for election cybersecurity.”
Next Steps
Everyone at the hearing agreed that more could be done to strengthen Uncle Sam’s cybersecurity posture.
In addition to strengthening government networks, Gregory Wilshusen, director of information security issues for the Government Accountability Office, stressed the importance of shoring up networks in the critical infrastructure sectors–which are facing increased cyber threats.
“In its role as the lead Federal agency for collaborating with eight critical infrastructure sectors, DHS had not developed metrics to measure and report on the effectiveness of its cyber risk mitigation activities or on the cybersecurity posture of the eight sectors,” Wilshusen said.
Rosenbach offered several suggestions on how the Federal government, led by DHS and the Department of Defense, could bolster its ability to disrupt and degrade cyber threats. Those include strengthening indications and warnings of cyber attacks, improving U.S. Cyber Command’s ability to address information operations, leading efforts to build international capacity to disrupt the proliferation of destructive malware from black market sources, and taking a more active role in disrupting and dismantling botnets used by criminals and foreign adversaries.
The Name Game
An interesting bit of Federal drama was rehashed during the hearing. Sen. Johnson and multiple witnesses discussed the ongoing push to change the name of NPPD to the Cybersecurity and Infrastructure Security Agency. The name change wasn’t included in the last omnibus spending bill–much to the chagrin of DHS. Both Johnson and Manfra argued that the proposed new name will more accurately reflect the agency’s mission.
“It’s bizarre and ridiculous that it requires an act of Congress for DHS to rename an agency and restructure it so it does a better job,” Johnson said.
Other witness chimed in with their support for the name change.
“This is more than bureaucratic box-shuffling: the nation needs an organization that provides critical infrastructure operators with the type of expert-level support that could make a real difference in mitigating the risk of foreign cyberattack,” said Rosenbach.
Based on witness testimony, DHS is making strides to keep the nation’s networks secure. However, it’s fighting an uphill battle against a constantly changing and evolving enemy.