DHS to meet another deadline with cyber ‘weather map’

The Homeland Security Department’s cybersecurity “weather map” will be officially certified later this month, as the agency continues its work to meet goals and deadlines set by the Cybersecurity Information Sharing Act.

Phyllis Schneck, DHS deputy undersecretary of cybersecurity and communications, said Secretary Jeh Johnson is scheduled to certify the Automated Indicator Sharing initiative on March 16.

The system, which allows the public and private sector to see and share cyber threat information, is currently up and running, Schneck said, but the certification officially announces its operation.

“We just got new legislation from the Hill … that looks at our operations center being the center for what they call automated indicator sharing,” said Schneck during her speech at the 2016 Women in Defense Annual National Conference, in Arlington, Virginia. “In English that means the threat indicators that show you what might be good and bad in cyber, and a way to with all the privacy-civil liberties expertise collect them in one place. So again, we don’t have to collect it in multiple places and spend a lot of money, time, computers … and people putting it back together. It all comes into one place. I call this the ‘weather map.’ All the temperatures, wind and humidity data in one spot. We make the picture and we send it out to everyone.”

Schneck said a free application program interface will allow industry to access this cyber map and add their own opinions to those indicators and send them “out to your closest friends.”

In mid-February, DHS met the first deadline of the Cybersecurity Information Sharing Act of 2015 by working with the Justice Department to issue interim guidance for AIS.

An inevitable ‘cyber thing’

Schneck’s message to the conference also included her agency’s desire to clarify the resources it can provide to the private sector.

“Who would you call if you had a cyber intrusion?” she asked. “A big lesson I can give you is you don’t want to go to the Yellow Pages with your hair on fire. So I’d offer to make some of those relationships, whether it’s with us or the FBI, or with anyone you think you’re comfortable with, or with your vendors. Make those relationships before a cyber thing happens; you will have a cyber thing. And if you understand who to go to and how to mitigate it, that’s most of your issue.”

Schneck said DHS’ cyber workers can come in and help a company, but unlike a decade ago when their plan of action was to pull the plug, their job now is to keep a network online.

“We have the best of the best working in the network to keep the company running, or the agency running — we did this at [the Office of Personnel Management] — while we hunt the bad guys and while we watch what they’re going to do and watch who they’re calling and watch where they’re going.”

A few good men (and women)

Schneck did include a pitch for the public sector, saying she would be happy if anyone wanted to come join the agency’s mission.

While the private sector might offer five times the pay, she said, “Our mission is second to none.”

“You will see things, you will do things, you will look at problems, you will be in meetings — most of which are pretty interesting — that you never thought you’d be in before.”

Schneck’s pitch piggybacked on the message DHS Secretary Jeh Johnson gave to Congress on March 8, when he admitted that the agency’s cyber workforce needed a shot in the arm.

“We are competing in a tough marketplace against the private sector, that is in a position to offer a lot more money,” Johnson said. “We need more cyber talent without a doubt in DHS, in the federal government, and we are not where we should be right now, that is without a doubt.”

The agency has requested $40.6 billion in appropriated funding for fiscal 2017. Part of that request would cover the hiring of an additional 3,500 workers, as well as about $47 million to sustain the EINSTEIN program.

About $275 million has been requested for the Continuous Diagnostic Mitigation program, which provides hardware, software and services designed to support activities that strengthen the operational security of federal “dot-gov” networks.