Secretary of Homeland Security John Kelly has not seen the most recent draft of President Donald Trump’s executive order on cybersecurity, even though retired Gen. Michael Hayden, former director of the National Security Agency and CIA, stated last week that it had been written.
The last published draft of the executive order, called “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure,” was issued on Feb. 9. Kelly, who delivered an address on how DHS is responding to security threats at the George Washington University on April 18, said he eagerly anticipates reading the new order.
“I’m standing by with bated breath,” Kelly said when Frank Cilluffo, director of the university’s Center for Cyber and Homeland Security, asked if there was any news on the order. “I can’t wait.”
One aspect of Trump’s cybersecurity plan Kelly said he feels confident about is the president’s commitment to partnering with private companies. Additionally, he stated certain members of Congress, such as Rep. Michael McCaul, R-Texas, have expressed interest in meeting with the private sector.
Some of these partnerships will go toward protecting the nation’s critical infrastructure, according to Kelly. The 17 critical infrastructure sectors are systems or networks that DHS deems vital enough to fall under Federal protection. Specifically, Kelly stated that one of his priorities is to protect the “.gov” agency websites.
“We do that, but not perfectly,” Kelly said. “We met with Microsoft in Seattle. They’re very, very interested in partnering. The government, God knows, can’t do it by itself. We couldn’t do it as well if we didn’t have the partnerships with this realm.”
DHS’s partnerships with private companies and increased emphasis on cybersecurity are part of the agency’s effort to stem cyber terrorism, Kelly said. He stated the consequences of online attacks can be just as devastating as those wrought by explosives.
“It’s not just bombs and guns. Another kind of conflict is happening in computer networks with nation-state actors with extremely sophisticated tools. They target government infrastructure, critical infrastructure, electric grids, and financial sectors,” Kelly said. “We live in an interconnected world. That’s not a trend. That’s a reality. This reliance, and perhaps overreliance, presents risks.”
While certain cyberattacks are conducted by foreign terror organizations, Kelly also expressed concern with terror threats generated within the United States. He said his department has detected an “unprecedented spike” in homegrown terrorism, which he described as notoriously difficult to prevent.
Kelly said that the cyber realm facilitates homegrown terrorism because it offers a venue for foreign cyber warriors to contact and influence young Americans. One solution is for parents to be attuned to their children’s activities, whether they are on the Internet or experimenting with drugs, Kelly said.
“What’s feeding homegrown terrorism is the Internet. They publish revolting how-to manuals,” Kelly said. “Thanks to proliferating encryption devices, these individuals are becoming harder and harder to detect. Our nation’s youth are prey to these predators.”