2019 Outlook

Standing up CISA

cybersecurity (Rawpixel/Shutterstock.com) 

The newly renamed Cybersecurity and Infrastructure Security Agency is going to spend 2019 in transition, gearing up to assume the role of a major Department of Homeland Security component.

The organization, formerly called the National Protection and Programs Directorate, was elevated by legislation signed into law in November. Agency officials lobbied for the redesignation for years, arguing that NPPD's name and mission appeared vague and muddled to the general public.

Agency head Chris Krebs joked that the NPPD name, "sounds a lot like a Soviet-era military intelligence agency."

CISA Deputy Director Matthew Travis told FCW in an interview that the transition plan, dubbed "CISA 2020" reflects the goal of getting the agency in shape over the course of the next year. The plan lays out the blueprint for the component's "big muscle movements" organizationally. It was announced to CISA employees at a Dec. 20 virtual town hall event.

The blueprint sets out 12 categories that address the most important transformational issues at the agency -- such as IT, management functions and budget -- that need to be realigned during the transition. DHS headquarters, Congress and the Office of Management and Budget are expected to offer feedback on the plan in January and February.

CISA is also looking at consolidating the agency's eight offices into a single headquarters in parallel with the 12-point CISA 2020 plan, Travis said, but nothing has been decided.

There is subtraction as well as addition in play here. The law that created CISA transferred the Office of Biometric Identity Management to the DHS Management Directorate. CISA is also waiting to hear whether the Federal Protective Service, a NPPD unit that provides security for federal facilities, will find a new home inside DHS.

CISA has formed a working group to explore how the DHS secretary could move FPS within DHS. The shift of OBIM to the Management Directorate is complete, Travis said.

The day the CISA legislation was signed into law, Krebs said it was "more of a groundbreaking than a ribbon-cutting."

Though NPPD leadership anticipated the bill's passage and began planning for the change earlier this year, Krebs said that the slow-motion windup over more than three years didn't help with a head start.

The plan to operationalize the agency was "always just over the horizon," Krebs said Nov. 16 at a Chamber of Commerce event, and as a result, NPPD didn't make investments needed to support the future mission of the agency.

To transform from NPPD to CISA, Krebs said there would be a lot of "boring" but necessary work on business processes.

Suzanne Spaulding, the former NPPD undersecretary who launched the push for CISA, said the basic idea behind the new organization was to put cybersecurity and infrastructure security personnel into the same space, to support data sharing and response coordination.

Some of that consolidation has already happened, with the co-location of the National Infrastructure Coordinating Center and the National Cybersecurity and Communications Integration Center. However, a larger shared space for the component's Office of Cybersecurity and Communications, the Office of Infrastructure Protection and headquarters staff is needed. Additionally, back-office operations such as IT, said Spaulding, also need to be consolidated or transitioned into something new.

About the Author

Mark Rockwell is a senior staff writer at FCW, whose beat focuses on acquisition, the Department of Homeland Security and the Department of Energy.

Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, tele.com magazine and Wireless Week.

Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.

Click here for previous articles by Rockwell. Contact him at mrockwell@fcw.com or follow him on Twitter at @MRockwell4.


Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.