DHS; Diverse in Responsibilities, On Target with Cybersecurity
Govciooutlook

DHS; Diverse in Responsibilities, On Target with Cybersecurity

By Frosty Walker, Chief Information Security Officer, Texas Education Agency

Frosty Walker, Chief Information Security Officer, Texas Education Agency

While most of us typically think of the Department of Homeland Security (DHS) as the federal government agency which protects our borders, we often do not realize the scope of responsibilities the department covers. From academic engagement to transportation security, the department covers critical topics such as election security, disaster assistance, disaster resilience as well as disaster response and recovery. Oh, I forgot to mention emergency communications, infrastructure security, civil rights and civil liberties, human trafficking, and cybersecurity and about a half dozen more responsibilities have DHS’s oversight. For the sake of time and digital storage space, I would like to focus on cybersecurity.

In November of 2018, President Donald Trump signed into law the Cybersecurity and Infrastructure Security Agency Act of 2018, (CISA). The DHS then established a CISA division to focus on our nation’s ability to defend against cyber-attacks, combating cybercrime, cyber incident response, protecting critical infrastructure, providing cybersecurity governance, as well as promoting cyber safety and cybersecurity training and exercises.

"The next time you have a few minutes and think of DHS protecting our borders, browse through their website. You may be surprised at the diversity of the agency and the information resources available on cybersecurity"

I work with the DHS on defending against cyber-attacks and follow the binding directives they distribute. This involves establishing security controls based on best practices. While this sounds easy, trying to get your organization to implement changes can be challenging. After all, old habits are hard to break and legacy applications can be difficult and expensive to remediate. Assessing your cybersecurity posture can be time consuming, even when you are using an established cybersecurity framework as a guide. Long term, it is well worth the effort. Having a starting point on any journey is critical and that is what you have when completing the first cybersecurity framework assessment. Now you can create a roadmap which will help you with developing both short-term and long-term budget estimates. While we would all like to make major improvements in our overall cybersecurity posture in one quantum jump, the reality is it’s typically a slow process.

Another cybersecurity effort that I have worked with DHS on is their Cyber Storm exercises. I have had the privilege of working on two of the projects and have been very impressed with the Cyber Storm initiative and how well organized they are. Cyber Storm provides an opportunity for the federal government, state and local organizations to address cyber incident response as a community. Each organization designs their own cyber incident to see how well they would respond to a major incident and then analyze whether it might have an impact on other organizations.

First, you get to practice a cyber incident response within your own organization to see how the incident is handled. Second, you have the opportunity to perform a deep dive into your processes to see how quickly you can respond and recover from an incident. For example, your application uses a self-service password reset. You have 10,000 users and you want to force a password at the next login as a precaution. It should be easy, right? You need to review your application logs to see if you can determine how many password resets occurred in the last 30 days. Then, review your helpdesk logs to see how many users needed helpdesk assistance to reset their passwords in the same timeframe. If the percentage that needed helpdesk assistance is 5% or more, you can only imagine how swamped your helpdesk might be if you forced a password reset. Users who have a frustrating experience with your support may not be your users for long as they look for someone else to provide similar services. As a result of a cybersecurity incident exercise, you may need to re-examine your self-service password reset process to determine if the high volume of helpdesk assistance is needed due to the process or if you need to improve user training to help resolve the issue.

Another common issue found in a cybersecurity exercise like Cyber Storm is having current contact information if you need to notify customers of a data breach or exposure. You may need to verify how often your application or website requires users to review and update their profiles, which should include contact information such as email, and physical address, when impacted by a data breach to be notified in writing, as this is a requirement by many states.

If you have an opportunity to participate in a Cyber Storm exercise, you will find it well worth your time. After the Cyber Storm exercises I participated in, I started developing other cybersecurity exercises to conduct on my own. I am confident the experience my organization gains during an exercise will pay off should we have a major incident.

The Department of Homeland Security is also a wealth of information on the topic of cybersecurity and offers over 800 hours free training for federal, state, local, tribal, and territorial(SLTT) government personnel, veterans, and federal government contractors through their Federal Virtual Training Environment (FedVTE) online on demand training system. The next time you have a few minutes and think of DHS protecting our borders, browse through their website. You may be surprised at the diversity of the agency and the information resources available on cybersecurity.

Weekly Brief

Top 10 Security Companies in Europe - 2020
Top 5 Security Consulting/Services Companies in UK - 2020

Read Also

Bridging the Generational Gap in E-Governance

Bridging the Generational Gap in E-Governance

Inez J. Rodenburg, GISP, CGCIO, MBA, Chief Information Officer (CIO), City of Danville
Adapting to New Challenges with Adults in Custody

Adapting to New Challenges with Adults in Custody

Derrick Peterson, President of the NW Chapter of the National Organization of Black Law Enforcement Executives (NOBLE) & Captain of Auxiliary Services Unit, Multnomah County Sheriff’s Office
The Jail Officer and CIT

The Jail Officer and CIT

Major Charles E. Armstrong, Director of Operations, Riverside Regional Jail
Guiding Individuals with Community Corrections

Guiding Individuals with Community Corrections

Maureen Anderson, Probation/Pretrial Manager, Prince William County Government
Leveraging Data to Design More Effective Transportation Programs and Drive Project Productivity

Leveraging Data to Design More Effective Transportation Programs and Drive Project Productivity

Rob Tieman, PE, PMP, Director, Project Management Office, Virginia Department of Transportation
Getting Smarter about Running an Agile Government: AI and the Next Wave of American Innovation

Getting Smarter about Running an Agile Government: AI and the Next Wave of American Innovation

Tim Persons, Chief Scientist and Managing Director, Science, Technology Assessment, and Analytics, United States Government Accountability Office