DHS CISO eyes shift from perimeter defense to data protection

Federal agencies are investing heavily in perimeter network defense, but in five years the Department of Homeland Security's chief information security officer said he hopes to see a lot more spending on defense of data within networks.

"As you look at defense in depth, a lot more resources go toward perimeter defense than do actually controlling the data," DHS CISO Jeff Eisensmith told FCW after his Oct. 20 appearance at a conference hosted by ISACA.

Data can be prioritized by its value to an organization, Eisensmith said. "And that's a level of granularity that right now is kind of cost prohibitive and not overly mature," he added, while not discounting the importance of perimeter defense. "It is happening, but not on the scale that I'd like it to be."

Einstein and Continuous Diagnostics and Mitigation are two vast DHS programs that together cover various aspects of network defense. Einstein focuses on perimeter defense, while CDM is a broad threat-detection program designed to give network operators a clearer view of vulnerabilities.

Chris Cummiskey, former acting undersecretary for management at DHS, has told FCW that CDM stands a better chance than Einstein of mitigating sophisticated breaches because CDM "seems to give us the additional ability to see these bad actors on the networks, once they're already through the perimeter."

Both programs draw on big coffers. CDM's acquisition vehicle has a $6 billion ceiling, and DHS has requested $479.8 million for "network security deployment" in fiscal 2016, including the latest iteration of Einstein, known as Einstein 3A.

DHS Secretary Jeh Johnson told the House Homeland Security Committee on Oct. 21 that he has directed DHS to make at least some of Einstein 3A's features available to all federal civilian agencies by year's end, and agencies are on track to adopt the system. The program has blocked more than 650,000 requests to access potentially malicious websites, Johnson said in his prepared testimony. Nonetheless, he also stated that "our federal .gov cybersecurity, in particular, is not where it needs to be."

Eisensmith advised putting money toward the weakest link in an organization's cybersecurity.

"If you're going to make an investment, you look and you say, 'Where [am I] not really at a maturity level that I want to be?' That's where the next dollar goes," he said. "The only caveat to that would be if a new threat pops up tomorrow that changes the maturity level. Then you have to react."

About the Author

Sean Lyngaas is an FCW staff writer covering defense, cybersecurity and intelligence issues. Prior to joining FCW, he was a reporter and editor at Smart Grid Today, where he covered everything from cyber vulnerabilities in the U.S. electric grid to the national energy policies of Britain and Mexico. His reporting on a range of global issues has appeared in publications such as The Atlantic, The Economist, The Washington Diplomat and The Washington Post.

Lyngaas is an active member of the National Press Club, where he served as chairman of the Young Members Committee. He earned his M.A. in international affairs from The Fletcher School of Law and Diplomacy at Tufts University, and his B.A. in public policy from Duke University.

Click here for previous articles by Lyngaas, or connect with him on Twitter: @snlyngaas.


  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.