Cybersecurity

DHS risk agency eyes January policy push

By julia.m shutterstock ID: 779956477 

The National Risk Management Center at the Department of Homeland Security is working to develop a list of national critical functions, functions so important that a disruption could cause a national or economic security crisis, by the end of the year.

Bob Kolasky, the center's director, said he's been given marching orders to keep the list to a manageable size.

"I've been told I better not come up with a list of more than 100 national critical functions, that's too many," said Kolasky at a Dec. 6 event hosted by ICF. "But [even] 100 requires some prioritization."

DHS hasn't decided how public it will make that list. Kolasky said further discussion is needed among officials and industry stakeholders around risk mitigation, but the new center does plan on making aspects of the list and priorities public in some form.

In the meantime, DHS is already moving forward on initiatives in a number of sectors, such as election security, where stakeholders already have a sense of their own national critical functions. A tri-sector coordinating council composed of representatives from the electric, finance and communications sectors have already developed their own preliminary lists, including electricity generation and transmission, wireless communications, insurance and finance. Next week, DHS will host a non-public workshop with representatives from all 16 critical infrastructure sectors to complete the list.

One hope is that the list will end up fueling smarter intelligence collection by the U.S. government.

"The conversations we've had with the [intelligence community] is that this will help focus some of our intel collection in ways where industry will help us understand: what are the real critical things that they do," said Kolasky. "What are the critical nodes … the things that allow those functions to produce and let's make sure we're thinking about any threats to that and treating those different from … the average cybersecurity threat."

Another area ripe for immediate action is supply chain management. Kolasky will be taking over as co-chair for the newly created ICT supply chain task force. Kolasky downplayed the change in an interview with FCW, saying other DHS officials like Emile Monette and Mark Kneidinger will continue to be involved but that DHS felt the profile of the task force necessitated higher level ownership.

"This is a huge priority of CISA", Kolasky said, in reference to the new Cybersecurity Infrastructure Security Agency at DHS.

The executive committee met last month and reviewed a list of nine priorities and "good ideas out there" around supply chain management that were produced by previous government and industry research efforts, and the group is planning to announce a more robust list in January that will drive the creation of further working groups to drill down further.

About the Author

Derek B. Johnson is a senior staff writer at FCW, covering governmentwide IT policy, cybersecurity and a range of other federal technology issues.

Prior to joining FCW, Johnson was a freelance technology journalist. His work has appeared in The Washington Post, GoodCall News, Foreign Policy Journal, Washington Technology, Elevation DC, Connection Newspapers and The Maryland Gazette.

Johnson has a Bachelor's degree in journalism from Hofstra University and a Master's degree in public policy from George Mason University. He can be contacted at djohnson@fcw.com, or follow him on Twitter @derekdoestech.

Click here for previous articles by Johnson.


Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.