Cybersecurity

DHS cyber reorg bill coming

 

The chairman of the House Homeland Security Committee plans to reintroduce legislation that would rename and reorganize the cybersecurity division at Department of Homeland Security in the coming weeks, dubbing it a priority.

The Department of Homeland Security has been touting a plan for some time to reorganize and rename its National Protection and Programs Directorate to more closely bind cyber and physical security capabilities as well as elevate the directorate to a headquarters division.

In a March 28 subcommittee hearing on the current state of DHS' effort to secure federal networks, House Homeland Security Committee Chairman Michael McCaul (R-Texas) said he will introduce a bill in the next two weeks that would "create a stronger, consolidated cybersecurity agency" at DHS. The proposal, he said "will elevate the cybersecurity mission at DHS at a critical time and further enhance cyber operations, including those to more effectively secure federal networks."

McCaul told FCW after the hearing that he planned a markup of the NPPD bill "by the end of spring" and that it was a priority.

In testimony before the Cybersecurity and Infrastructure Subcommittee, Jeanette Manfra, acting undersecretary for cybersecurity at NPPD, told lawmakers that rebranding the agency was at the top of her legislative wish list. "It's very important for us," she said.

Lawmakers on the panel asked Manfra about the progress of DHS' Einstein, Continuous Diagnostics and Mitigation and information-sharing programs. 

DHS came in for only slight criticism on Einstein and CDM shortfalls during the hearing. Gregory Wilshusen, director, Information Security Issues at the Government Accountability Office, said Einstein was limited in its ability to detect intruder signatures that weren't on its list or hadn't been detected before. Its ability to analyze network data for trends as well as share information with agencies on cyber threats and incidents were also limited.

However, he said DHS had taken up the nine recommendations GAO made for improvements in Einstein's detection, notification, analytics and information-sharing capabilities.

IT modernization and protecting legacy IT at federal agencies are two top challenges for DHS going forward, Manfra said.

Acquisition reform, she said, could help with both.

"Acquisition reform is important," Manfra said, as traditional federal acquisition practices can blunt technology refreshes that bring new, more effective capabilities.

A faster capability to buy tech goods and services, she said, would help the agency keep up with galloping IT capabilities, as would a more flexible way to work with non-traditional contracts.

Leveraging government buying power across government, Wilshusen said, could also strengthen cybersecurity as it could lead to common, more interoperable solutions across agencies. "It's important for integration of the computing environment."

The panel was concerned, however, about DHS' indicator sharing program with private industry. Congress has been working to build DHS’s ability to work with commercial companies to exchange threat indicators.

Rep. James Langevin (D-R.I) told Manfra that DHS "needs to work harder on information sharing, including sharing context along with the indicators. Companies have complained that raw threat indicators don't provide them with enough information to take action.

Manfra said a year into the threat indicator sharing program, there are about 200 participants getting indicators from DHS. "We're looking to improve the program," she said, potentially providing scoring and context along with the indicator data. She said companies "understood that we're improving, but we still need to do more."

About the Author

Mark Rockwell is a senior staff writer at FCW, whose beat focuses on acquisition, the Department of Homeland Security and the Department of Energy.

Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, tele.com magazine and Wireless Week.

Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.

Click here for previous articles by Rockwell. Contact him at mrockwell@fcw.com or follow him on Twitter at @MRockwell4.


Featured

  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.