Politics, bad luck and lack of maturity have hampered DHS

Former cybersecurity chief says department is still growing into its role

As the lead agency for securing dot-gov resources, the Homeland Security Department has a mandate to stop malware from getting into government networks and keep bad things from happening, a job it has not yet sorted out how to do, said Greg Garcia, former DHS cybersecurity chief.

A key element of this task will be the third phase of the Einstein network monitoring system, an intrusion prevention system that faces multiple challenges. “They are still working through it,” he said recently. “It is a complicated technical question with an overlay of political and privacy issues that delays the development of the architecture.”

Despite the challenges and false steps made by DHS in its cybersecurity initiatives, Garcia said he is confident the department can grow into its mission.

Progress on Einstein 3 will depend partly on how well the second phase of the program works as it is implemented during the next few months. Developers need to create protocols for dealing with apparently malicious traffic, and there still is tension between the demands of privacy and need to share information that the system gathers.

But the success of Einstein — and DHS in general — also will depend on the ability of the young department to wriggle free from the political squabbling between the administration and congressional overseers that has hampered its development during its early years, Garcia said.

Garcia was assistant secretary for cybersecurity and communications from September 2006 to December 2008, when he resigned to establish a private consulting firm. Established in 2003, DHS is a large and still young department, and its formative years were blighted partly by bad luck and partly by politics, the former official said.

“There is a different dynamic at work now than during my tenure,” he said.

During that time, the department was caught between a Republican president and a Democratic Congress that came into power shortly after the disaster of Hurricane Katrina, which gave the Federal Emergency Management Agency and the entire DHS a black eye. The fumbled response to the devastating Gulf Coast hurricane provoked aggressive congressional oversight of the department, he said.

“You had a number of members of Congress who used DHS as a whipping boy,” Garcia said. The department was on the defensive and too many decisions were being made by political types rather than line managers. “It creates an atmosphere of distrust.”

At the same time, DHS has been burdened with the challenge of developing an effective business infrastructure to support a department quickly cobbled together from a broad range of existing agencies. Even under good conditions, it can take a department that size 10 years to gain traction and begin operating at full efficiency, he said.

Garcia said legitimate oversight of the department is needed, including the overlapping jurisdictions of different committees that oversee different aspects of the DHS mission. And things have become better under a Congress that is no longer openly at odds with the executive branch. That bodes well for the department’s development, he said.

“DHS has to mature,” he said. “I have faith that it will. I have confidence in it.”

About the Author

William Jackson is freelance writer and the author of the CyberEye blog.

Reader Comments

Tue, Dec 22, 2009

To the Republican who commented below: less psycho-babble, more atonement and shame please.

Tue, Dec 15, 2009

I take exception the comment "The fumbled response to the devastating Gulf Coast hurricane provoked aggressive congressional oversight of the department, he said." The fumbled response was primarily due to the inaction by the local government and not the Feds. The Feds took the heat because of the politics (partly to take the heat off the bumbling Democrat locals and partly to find something else to ding the Bush administration), not because of any major screw ups. The Feds only big screw up was that they over-did their relief over time. All you need to do to prove that is see what was done by the Feds with Hurricane Hugo in either 1993 or 1994 with their snail slow response and yet did not get much bad press - when both the Congress and the President were run by Democrats. Also, nearby Mississippi was hit harder by Katrina and yet had relatively minor problems (and little bad press) compared to Louisiana. The levee problem in New Orleans predated the administration and had nothing to do with the responding Fed groups.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above