The Department of Homeland Security (DHS) today unveiled a new five-pronged strategy aimed at managing “national cyber risk,” and in particular, U.S. “cyber and critical infrastructure security.”
The new strategy, DHS said, is “aimed at ensuring the availability of critical national functions” and “fostering efficiency, innovation, trustworthy communication, and economic prosperity in ways consistent with our national values and that protect privacy and civil liberties.”
The strategy released today–the creation of which was mandated by the 2017 National Defense Authorization Act–aims at coordinating a host of DHS cybersecurity efforts.
“The intent is for this strategy to enable the harmonization and prioritization of DHS planning, programming, budgeting, and operational activities across all DHS cybersecurity mission areas,” the agency said, adding, “It will focus on coordinating departmental cybersecurity activities to ensure a unity of effort.”
The five parts of the updated cyber risk management strategy are: 1) Assessing the national cybersecurity risk posture in order to prioritize risk management activities; 2) reducing vulnerabilities of Federal government agencies by ensuring “adequate” cybersecurity of Federal networks; 3) Reducing national cyber threats “by countering transnational criminal organizations and sophisticated cyber criminals”; 4) Minimizing consequences from “potentially significant cyber incidents through coordinated community-wide response efforts”; and 5) strengthening “the security and reliability of the cyber ecosystem by supporting policies and activities that enable improved global cybersecurity risk management and execute departmental cybersecurity efforts in an integrated and prioritized way.”
DHS said those goals are aimed at maximizing the agency’s “unique resources to accomplish impactful policy and operational outcomes.”
The agency also reemphasized the value of cooperation with other parts of the government and the private sector.
“A core guiding principle underlying the DHS strategy approach is collaboration across the cybersecurity community, including with our partners in the Federal government, state and local governments, industry, and the international community,” it said. “By working closely with our partners, the Department believes that cyberspace can be made safe and secure enabling the functioning of government, the delivery of essential services, and the betterment of the lives of the American people.
DHS Secretary Kirstjen Nielsen said in a statement today, “Digital security is now converging with personal and physical security, and it is clear that our cyber adversaries can now threaten the very fabric of our republic itself. That is why DHS is rethinking its approach by adopting a more comprehensive cybersecurity strategy.”
“In an age of brand-name breaches, we must think beyond the defense of specific assets—and confront systemic risks that affect everyone from tech giants to homeowners,” she said, adding, “The cyber threat landscape is shifting in real-time, and we have reached a historic turning point.”