DHS risk center wants to revolutionize cyber response, but first it must get organized
- By Derek B. Johnson
- Nov 02, 2018
The Department of Homeland Security's new National Risk Management Center has ambitious goals for changing the way government and industry approach business. But first, it must get organized.
NRMC Deputy Director Mark Kneidinger told the Information Security and Privacy Advisory Board at its Nov. 1 meeting that the center spent the past three months staffing up and building an organization with analytical capabilities.
Currently, the center relies on dozens of feds detailed from DHS and other agencies, including Kneidinger. NRMC's goal is to identify and recruit more people with specific cyber expertise, begin reaching out to partners in industry and state governments to establish long-lasting partnerships and identify and define national critical functions.
The center will focus on "those things that, if there's a major intrusion, it will have a major, critical impact on the nation, national security, economy and life," Kneidinger said. Adversaries are "looking at critical functions, at how they can most impact our national capabilities. We need a counterbalance to that. We need to understand not only what we're doing [in a given] sector, but what government is doing."
The center is kicking off with a trio of sprints around the finance, electric and telecommunications sectors to map out their national critical functions. NRMC will also explore greater use of memorandums of agreement between the federal government and critical infrastructure providers, something FCW reported on last year.
Kneidinger is hoping the passage of the Cybersecurity and Infrastructure Security Agency Act -- currently in conference on the Hill -- will give the center as well as the National Protection and Programs Directorate which houses it more flexibility to move resources around.
"CISA … gives us the ability to be a component agency, so that gives you more control over back-office capabilities and things of that nature -- HR and finance," Kneidinger told FCW following his meeting with the board.
Derek B. Johnson is a senior staff writer at FCW, covering governmentwide IT policy, cybersecurity and a range of other federal technology issues.
Prior to joining FCW, Johnson was a freelance technology journalist. His work has appeared in The Washington Post, GoodCall News, Foreign Policy Journal, Washington Technology, Elevation DC, Connection Newspapers and The Maryland Gazette.
Johnson has a Bachelor's degree in journalism from Hofstra University and a Master's degree in public policy from George Mason University. He can be contacted at firstname.lastname@example.org, or follow him on Twitter @derekdoestech.
Click here for previous articles by Johnson.