DHS floats 'collective defense' model for cybersecurity


The upcoming White House national cybersecurity strategy will empower the Department of Homeland Security to more forcefully respond to cyber threats directed at the private sector and critical infrastructure entities, according to agency chief Kirstjen Nielsen.

Nielsen said that DHS was set to adopt "a more forward-leaning posture" when it comes to defending U.S. cyberspace assets from nation-states, arguing that a more forceful response is needed to deter nation-state adversaries.

"If the past year has shown us anything, it is that our cyber enemies are bolder, more brazen and savvier than ever before," Nielsen said in an April 17 speech at the RSA Conference in San Francisco. Citing attacks like WannaCry and NotPetya, Nielsen said that adversaries "seem to believe the digital realm is fair game for nefarious activity, and they are often indifferent to collateral damage."

DHS plans to directly offer additional cybersecurity services to private companies and critical infrastructure entities. DHS already shares threat information through programs like automated indicator sharing, but it is looking to more fully share DHS security tools with companies and infrastructure organizations.

Nielsen compared the idea to the Financial Systemic Analysis and Resilience Center in the financial sector, where the Department of Treasury, DHS and the FBI teamed up with financial firms and banks to coordinate and mitigate systemic risk across the entire sector.

"I encourage other sectors to work with us to emulate the FSARC model and drive towards collective defense," Nielsen said.

The move is in line with a strategy floated last year, when a DHS cybersecurity official told FCW that the department was looking to enter into more proactive cooperative agreements with Section 9 critical infrastructure organizations to share information and combat cyberthreats.

Nielsen also outlined a handful of aspects of the department's approach to cybersecurity that are expected to change with the strategy. Those changes include working to gain a greater appreciation of interconnected, systemic risks within the digital ecosystem and identifying pressure points where a successful cyberattack could have "cascading effects" across multiple sectors and industries.

"An attack on the financial system, for instance, can quickly have an effect on the energy grid, which can affect water systems, which can affect agriculture," Nielsen said.

The department also wants to rethink the federal government's role in fostering better cybersecurity practices among device manufacturers. She flagged the burgeoning market for internet-connected devices, particularly products on the lower end of the price scale, as a growing problem.

Too often manufacturers are in a rush to be first to market and thus are incentivized to design and build products quickly rather than securely, she argued. DHS is currently developing tools to share with industry that can identify bugs and security risks in connected devices at the design stage.

"Why sell a $30 cyber-secure pedometer for marathon runners when you can sell a basic version for five dollars?" Nielsen asked.

Finally, Nielsen said she wants to move towards a cybersecurity model where compromise and failure are a given. Instead of focusing all their energy on stopping intruders at the point of entry, agencies and industry should instead focus on building multiple layers of resilience into their networks, such that it would be possible to continue day-to-day work even while under a persistent cyberattack and even if internal systems are offline.

"We must be obsessed with building in redundancy, so that when our systems do get attacked and fail, they fail gracefully," she said. 

About the Author

Derek B. Johnson is a senior staff writer at FCW, covering governmentwide IT policy, cybersecurity and a range of other federal technology issues.

Prior to joining FCW, Johnson was a freelance technology journalist. His work has appeared in The Washington Post, GoodCall News, Foreign Policy Journal, Washington Technology, Elevation DC, Connection Newspapers and The Maryland Gazette.

Johnson has a Bachelor's degree in journalism from Hofstra University and a Master's degree in public policy from George Mason University. He can be contacted at, or follow him on Twitter @derekdoestech.
