NPPD’s Krebs: NCCIC Focus is ‘Today’ and NRMC ‘Tomorrow’

Christopher Krebs under secretary undersecretary DHS Department of Homeland Security National Protection and Programs Directorate NPPD leader CISA cybersecurity and infrastructure security agency

(Photo: Government Matters)

Christopher Krebs, Department of Homeland Security under secretary for the National Protection and Programs Directorate (NPPD), said Thursday that NPPD is focusing on the cybersecurity fight of both today and tomorrow, through the various coordinating centers that fall under NPPD’s purview.

That fight is playing out on multiple fronts–whether it be election security or critical infrastructure protection. And the two primary centers in that fight, Krebs noted, are the National Cybersecurity and Communications Integration Center (NCCIC), and the newly-established National Risk Management Center (NRMC).

“The NCCIC is focused on defending today, taking care of the worms and the malware and all that good stuff that’s burning across the globe right now,” Krebs said at an event organized by GovernmentCIO Media. “The National Risk Management Center is focused on tomorrow, securing tomorrow, figuring out what the strategic risks are to our critical infrastructure, and bringing together the groups and the partnerships that we need to ensure that the next deployment, whether it’s the rollout of 5G, or the next pipeline, or whatever it is, has security baked in by design.”

NCCIC’s Role Today

Today’s fight has come into particular focus in the area of election cybersecurity. Krebs called the 2016 elections “an awakening” and “the first time I think people actually realized that cybersecurity could destabilize our government.”

“It really shook people to the core,” he said. But today, Krebs is backing the support local election authorities have from the NCCIC, as well as the strength of the overall partnerships across the country.

“We’ve established partnership mechanisms, communication protocols so that if now I have a piece of intelligence–actionable intelligence–I know who to go to in every single state,” Krebs said.

DHS Secretary Nielsen reinforced these claims on Tuesday, when she said that all 50 states are partnering with DHS. The Department has also provided intrusion sensors to local election authorities, that will allow DHS to detect network abnormalities on Election Day. Those currently cover about 90 percent of people going to the polls on November 6, according to Nielsen.

Nielsen also announced that on Election Day, NCCIC will be running point and providing immediate response to any potential issues that occur across the country.

Krebs said DHS has streamlined the way it can interact with local officials. “Whether it’s the secretary of state, a senior election official, the homeland security advisor, the state CIO, and the governor, we know who to hit and we can do it quickly, whether they have a clearance or not.”

NRMC’s Role Tomorrow

Regarding tomorrow’s fight, Krebs noted that DHS is still building out the capabilities of NRMC, and isn’t expecting an immediate grand slam, and is instead “playing small ball, singles and doubles, driving in runs, building confidence to launch to bigger success stories down the road.”

He indicated this as the reason that NRMC is beginning its work with a focus on the “tri-sector”–energy, finance, and telecommunications–before branching out to all of the 16 sectors classified as critical infrastructure.

“Let’s start this up small with a core group of dedicated partners that want to lean in, that want to be co-located with us, or us co-located with them, and start having some small-scale but significant wins,” Krebs said, citing a new pipeline initiative with the Department of Energy as an example.

“We have to be real with ourselves that there are some sectors that pose a greater degree of risk to our nation and our economy,” Krebs said.

The tri-sector seems to fit neatly into that discussion, but they are also the critical infrastructure sectors known to employ the most robust security practices.

So one of the next steps for NRMC, Krebs said, will be to find out where the risk and reward lies in protecting pivotal functions across the rest of the sectors. NRMC has announced a series of 90-day sprints on key issues, and identifying priorities in those other sectors is where we should see movement next.

“That is one of the sprints that we’re working for the risk management center across the 16 sectors. What are those key functions–some sectors will have more functions than others–that industry has to deliver to ensure our economy keeps clicking and whirring?” he said.

Recent