Johnson: Biometric exit moving ahead

Biometrics-based exit technology could expand to key airports by 2018, and red team testing of critical cybersecurity might also be on the move, Homeland Security Secretary Jeh Johnson told a Senate panel.

In a three-hour, sometimes politically charged Senate Judiciary Committee hearing on June 30, Johnson faced a barrage of questions about a wide range of issues, including violent illegal aliens, gun control, morale at the Department of Homeland Security, immigration policy and ammunition acquisitions.

Among the questions were inquiries about the status of biometrics-based exit programs and cybersecurity protection for critical infrastructure providers.

Sen. David Perdue (R-Ga.) asked Johnson about the pilot project underway at Hartsfield-Jackson Atlanta International Airport to test the use of facial recognition technology to identify visitors when they leave the country. The test is an early step toward a long-awaited nationwide biometrics-based entry/exit system.

"By 2018, we'll have the pieces in place" to begin using a biometrics-based exit system more widely, Johnson said. "The early indications of the pilot are positive."

The trial tests how Customs and Border Protection systems work with facial comparison technology to process images of travelers leaving the U.S. CBP officials said the test targets passengers between the ages of 14 and 79 leaving the airport on a single daily flight to Japan. The trial is set to last until Sept. 30.

Johnson said the $1 billion Congress allocated last year for a biometrics-based entry/exit system marked a turning point for the department's efforts. "It's time to do this," he said.

It's also time to reorganize DHS' National Protection and Programs Directorate into a new entity called Cyber Infrastructure Protection, Johnson told Sen. Sheldon Whitehouse (D-R.I.) in response to the senator's question about protecting critical infrastructure from cyberattack.

Whitehouse asked Johnson whether DHS was using "red teams" to test the cybersecurity of critical infrastructure providers. Whitehouse said he had heard that critical infrastructure providers were pleased with DHS' cyber protection efforts.

"But are they happy because it's a robust plan or because they're not being asked to do much?" Whitehouse asked.

Johnson declined to share details on the red team testing and instead advised Whitehouse to request a fuller response off-line from Assistant Secretary for Infrastructure Protection Caitlin Durkovich.

"Let me take this as an opportunity to plug the reorganization of NPPD into a cybersecurity and infrastructure" organization, Johnson said. "We need an agency for cybersecurity and infrastructure."

NPPD has been pushing for the reorganization for months. NPPD Undersecretary Suzanne Spaulding previewed the plan last October, and it's under consideration in Congress.

The proposed Cyber Infrastructure Protection organization would cut across the National Cybersecurity and Communications Integration Center, the Office of Infrastructure Protection and the Federal Protective Service. The effort would put physical security experts alongside cybersecurity staff to provide a more effective and coherent defense against cyberattacks that could cause physical and cyber damage across sectors.