Homeland Security to Debut Cybersecurity, Communications Integration Center
Homeland Security Secretary Janet Napolitano will cut the ribbon on the federal government’s National Cybersecurity and Communications Integration Center (NCCIC) this week, she said on Wednesday. With the convergence of communications and Internet technology, the government must collocate and make interoperable its cyberresponse mechanisms, she told the Meridian conference on global critical infrastructure protection in Washington. The department has also posted 150 cyberdefense jobs so far at DHS.gov/cyber, part of its newly granted “special authority” to hire up to 1,000 cyber professionals (WID Oct 2 p3), Napolitano said.
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
U.S. government networks are attacked thousands of times daily, and the FBI recently charged nearly 100 people in the U.S. and abroad with one of the largest cyberfraud cases in history, Napolitano said. That’s why the department has consolidated “everything cyber” under the National Protection and Programs Directorate, charged with improving coordination among the government, industry and international partners. The National Cyber Security Center (NCSC) used to be “way over here” on the organizational chart but is now in the same chain of command to Napolitano as the National Cyber Security Division and its U.S. Computer Emergency Readiness Team (US- CERT), she said.
The government’s Trusted Internet Connections program to reduce the number of external connections is going well and Homeland Security is deploying its Einstein network- monitoring software to those points, Napolitano said. The Department showed its value in cybersecurity since Napolitano joined in working with industry to mitigate “two potentially major” threats, the Conficker worm and denial-of-service attacks against the government over the July 4 weekend, she said. The department has also published privacy-impact statements on the Einstein system, and made them available online, she said. Privacy was “baked into Einstein from the start.” Mary Ellen Callahan, a pioneer in Internet privacy policies (WID Feb 20 p2), has participated in “many of the meetings, the decisions and the planning” department-wide since she took over the Privacy Office, Napolitano said.
The NCCIC, pronounced “N-kick,” will bring together in a single building disparate information-technology centers that deal with cyber and communications disruptions and incident response, Napolitano said. It will include the National Coordinating Center, US-CERT, the Office for Intelligence and Analysis and NCSC, integrating their functions at the new facility, and in a second phase industry partners will be incorporated with their own offices at the building, she said. The second initiative is the National Cyber Incident Response Plan. Officials have been drafting a report and plan to host a “tabletop exercise” next month, with a target date of December or January for “full intergovernmental coordination of a first draft” of the response plan, she said. It will be similar to the government’s regularly updated response plans for natural disasters. “The real novelty here is that the participants … are not in separate buildings,” Napolitano said.
It’s time for a global effort on cybersecurity, building on October’s cybersecurity awareness month in the U.S., Napolitano said. Officials must “anticipate it and get ahead of” potential cyber threats with their international partners and drop the notion that security and IT are separate from government and businesses’ “core competencies,” she said. “We all went about our lives as if nothing had changed technologically.” She agreed with a Portuguese questioner that there was a “language barrier” between cyber-experts and elected officials on the importance of cybersecurity. “Translating what you are doing into something that makes sense to them is important,” Napolitano said. The challenge for the U.S. in collecting and sharing data is conveying especially to the European Union that U.S. privacy laws are “quite robust.” There has been a “fair amount of misunderstanding” among European officials, she said. Napolitano also stressed that she was serious about teaching children “from the earliest ages” about “cyberhygiene.”