Cybersecurity plans wait for DHS to complete its evaluation of threats

DHS won't be able to pinpoint the weakest links 'until we do a complete cybersecurity threat assessment.'

'DHS' Andy Purdy

The nation's ability to defend against cybersecurity attacks isn't on track, because the Homeland Security Department hasn't finished evaluating the country's threats and vulnerabilities.

But Andy Purdy, acting director of DHS' National Cyber Security Division, told lawmakers last week that a draft of the cybersecurity threat evaluation plan would be available in the fall.

Purdy, testifying before the Senate Homeland Security and Governmental Affairs Subcommittee on Federal Financial Management, Government Information and International Security, said a complete plan likely won't be ready until next year.

First things first

In the meantime, DHS will not be able to pinpoint the nation's weakest security links.

'Until we do a complete cybersecurity threat assessment, it is difficult to do that,' he said.

Aside from the threat assessment, the division's first priority has been to create a cyberspace response system in partnership with other agencies and the private sector, which Purdy said was centered largely on the US-Computer Emergency Response Team Operations Center.

But key parts of the first priority also haven't been completed or have only just started. For example, according to Purdy:
  • DHS officials haven't yet integrated their collaboration platform with the department's Homeland Security Information Network backbone.

  • DHS' Government Forum of Incident Response and Security Teams held its first classified threat briefing with intelligence community agencies last month.

  • Formal resource sharing agreements among DHS and other agencies to fend off and recover from cyberattacks haven't been adopted because planning is incomplete.

The division's second priority is to assess threats and reduce risks.

The department needs to do a better job of deciding what its main concerns are, said David Powner, the Government Accountability Office's director of IT issues.

'There is an issue with prioritization and there is an issue with delivery. There have been steps taken, but there need to be more steps,' Powner told legislators.

As part of its preparedness work, NCSD plans to mount a national cybersecurity preparedness and response exercise, to be called Cyber Storm, in November, Purdy said.

The division has worked with the Justice and Defense departments via the National Cyber Response Coordination Group to plan Cyber Storm.

'The NCRCG has developed a concept of operations for national cyberincident response that will be examined in the National Cyber Exercise, Cyber Storm, with public- and private-sector stakeholders,' Purdy said.

Subcommittee chairman Tom Coburn (R-Okla.) said DHS needs more permanent leadership in the cybersecurity division and to build better partnerships with the private sector.

The division has operated with an acting director since last fall and faces an additional reorganization with the creation of an assistant secretary for cybersecurity and telecommunications.

Gaps remain

Purdy's testimony focused on DHS' cybersecurity priorities, activities and plans, but questions from Coburn and other lawmakers focused on some of the remaining gaps.

Sen. Susan Collins (R-Maine), who is chairman of the full committee, noted that DHS secretary Michael Chertoff has adopted congressional recommendations to elevate Purdy's job to the assistant secretary level and said, 'Clearly, secretary Chertoff has decided that cybersecurity needs more attention and resources.'

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.