DHS launches trio of IT security groups

DHS launches trio of IT security groups

Amit Yoran

Olivier Douliery

The Homeland Security Department has formed three new organizations to strengthen federal IT defenses and coordinate responses to systems threats.

In an exclusive interview, DHS National Cyber Security Division director Amit Yoran said the groups give cybersecurity officials a method for meeting in person as well as in online collaboration environments.

So far, 'the most obvious lesson learned is there's a great desire to collaborate, to work together to help one another,' he said.

Yoran outlined the roles of the three new units:

  • The Government Forum of Incident Response Teams, or G-FIRST, is made up of frontline systems chiefs. It includes officials from the 24-hour watch center within Yoran's division, the U.S. Computer Emergency Response Team, the Pentagon and civilian agencies.


  • The Chief Information Security Officers Forum was created 'to share information about programs that are successful and ones that are challenged and need assistance.' Its members are senior officials designated to oversee each agency's cybersecurity and make sure agencies meet the mandates of the Federal Information Security Management.


  • The third unit, the Cyber Interagency Incident Management Group, includes officials from agencies 'that have significant capabilities in cybersecurity,' Yoran said. Mainly made up of officials from law enforcement, national security and Defense Department agencies, the group provides a forum for planning responses to major cybersecurity incidents, he said.

    The goal of the third group is to assure governmentwide coordination when attacks occur rather than having some agencies simply working on their own responses, Yoran said. 'The intent is that when bad stuff happens that the organizations talk to each other,' he said.


Yoran has been in his job since September [see GCN story]. He came to DHS from Symantec Corp. of Cupertino, Calif. He co-founded Riptech Inc., a security company in Alexandria, Va., that Symantec acquired.

Yoran essentially took the spot previously held by White House national cybersecurity advisers Richard Clark and Howard Schmidt.

His security post is within DHS' Information Assurance and Infrastructure Protection Directorate'less visible than the White House appointments held by Clark and Schmidt. Even so, Yoran said he has ample access to senior leaders.

'I am at the White House once or perhaps twice a week,' he said. 'I feel confident we have the access and support we need.'

But Yoran cautioned, 'Zero cybersecurity incidents or outages is not a reasonable goal''minimizing the duration and impact of incidents is.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.