3 steps for putting the DHS cybersecurity strategy to work
- By Mark Orlando
- Jul 30, 2018
A few weeks ago, the Department of Homeland Security released its cybersecurity strategy for the next five years, which lays out seven goals to help the government better defend itself against the constant onslaught of sophisticated cyber threats. These goals include assessing evolving cybersecurity risks, protecting critical infrastructure, responding effectively to cyber incidents and more. As a cybersecurity professional who has chosen to focus my career on helping protect and defend our nation, I applaud the agency for taking such a bold and aggressive stance on cybersecurity.
There are three particularly important components called for in DHS’s strategy that warrant reiteration: identification of the right partners; the use of innovative and emerging technologies to supplement human-centric activities; and dedication to closing the cybersecurity skills gap.
Form the right partnerships
Cybersecurity is a shared responsibility between DHS, other federal agencies, and the corporate world. Cyber criminals now target the commercial sector with as much force and skill as they do the government. Some attacks against the corporate world can even have national security consequences, further validating the need for public-private partnerships.
DHS understands domain expertise is key, and will look to involve individuals who have experience protecting and hardening systems at a federal level, or those who know how to cohesively bring together people and systems. Additionally, partners will need to have an understanding of the geopolitical implications around protecting national infrastructure.
Putting these partnerships into action will involve starting small and improving the lines of communication to and from agencies, while also building relationships with organizations that encourage information sharing.
Embrace emerging technologies
While collaboration and information sharing contribute to improving our defenses, so do new and emerging technologies such as artificial intelligence and machine learning. Cyber threats today have the potential and power to create global security risks by disrupting critical infrastructure and impeding government or commercial operations. The House recently introduced a bill, the DHS Industrial Control Systems Capabilities Enhancement Act of 2018, that aims to further protect critical infrastructure from cyberattack. An element of the bill authorizes DHS to help end users, manufacturers and others by providing cyber technical assistance
Today, to counter cyberattacks, we have to be able to work more efficiently and faster than cybercriminals -- something AI and machine learning can enable. By extending the capabilities and reach of our human cyber defenders, especially while industry faces a staggering talent shortage that continues to worsen, AI and machine learning are critical tools to help strengthen the nation's cybersecurity posture.
Close the skills gap
The demand for cybersecurity professionals to protect commercial and government networks will only continue to grow, which is why DHS is committed to the recruitment and retention of individuals with these skill sets. One such example of this commitment is their continued investment in the National Collegiate Cyber Defense Competition. This competition, presented by Raytheon, provides college students from across the country the opportunity to enhance and test their skills at protecting networks against cyber threats.
Encouraging young people to pursue science, technology, engineering, and math programs will help drive awareness and interest in cybersecurity jobs. At the same time, providing the appropriate training for current cybersecurity professionals should be a priority for all organizations, public and private. Additional education will help individuals further grow and enhance their cyber skills while also helping to close the talent gap.
These are three areas to focus on over the coming months, but the entire DHS Cybersecurity Strategy is necessary and important for the continued protection of our nation. Cyberattacks will continue to spill over into the physical world and potentially impact life and safety. It’s the right combination of partners, technology and expertise that will ultimately bring DHS’s next generation capabilities to bear.
Mark Orlando is chief technology officer, cybersecurity and special missions at Raytheon