DHS Chief Cites NCCIC Growth, Urges Further Expansion

January 5, 2016–Homeland Security Secretary Jeh Johnson said in a report issued today that the agency’s National Cybersecurity and Communications Integration Center (NCCIC) – which serves as the federal government’s hub for cybersecurity threat data sharing, technical assistance, and incident response – expanded its activities in 2016 and needs to grow further to meet increasing demand for its services. In an “exit memo” wrapping up DHS’s progress on a host of issues since the beginning of the Obama administration, Mr. Johnson keyed in on cybersecurity as one of the agency’s areas of achievement and urged the incoming Trump administration “to continue to make cybersecurity a top national security priority.”

Saying that NCCIC’s mission is “growing rapidly,” Mr. Johnson noted that the center issued more than 6,000 bulletins and responded to 32 cybersecurity incidents in 2016, in addition to opening up the cyber threat data sharing portal authorized by Congress at the end of 2015. He said that as of October 2016, 74 entities were “connected to this new system,” including “foreign partners and 12 federal agencies.”

“For the future, we must ensure that DHS’s cybersecurity mission has the resources necessary to meet increasing demand” Mr. Johnson said, adding, “The NCCIC must continue to grow, both in size and capability.”

“This includes staffing senior leadership roles, in NCCIC and DHS, with expertise in computer science, data science, information security, user experience, and other technical disciplines,” he said. “We must also invest in and support the law enforcement agencies within DHS in order to combat cybercrimes, consistent with their authorities. As we continue to improve our ability to monitor threats and collect and share information, we are going to continue to proactively discover and remediate vulnerabilities. This is critical to strengthening our collective defensives and to protecting our nation’s security and prosperity.”

On the legislative front, Mr. Johnson again urged Congress to approve a proposed reorganization of DHS’s cybersecurity functions that would replace its current National Protection and Programs Directorate with a new Cyber and Infrastructure Protection Agency. “This proposed reorganization would streamline and strengthen existing functions within the Department and ensure we are best positioned to execute our vital mission of countering cyber threats to the nation,” he said.

And, he said, DHS was continuing efforts to get all larger federal agencies and departments to deploy Einstein 3 Accelerated (E3A) network security protection technologies; about 80% of federal civilian networks have already done so, the DHS secretary said. – John Curran, john.curran@wolterskluwer.com

Courtesy TRDaily