NASTTPO

NASTTPO

Cybersecurity

Building a Planet-Class Cybersecurity Team

by Leave a Comment

By Mark Weatherford, Deputy Under Secretary for Cybersecurity

Today, we are more connected to the Internet than ever before.  We depend on a vast array of interdependent networks for communication, travel, powering our homes, running our economy, and obtaining government services.  With so much of our daily lives dependent on cyberspace, cybersecurity has become an increasingly important part of DHS’ mission, just as it has become a larger priority for state and local governments, businesses, and individuals.

DHS continues to demonstrate our commitment to building the best cybersecurity team in the world by recruiting some of the most talented and experienced professionals available.  Since its creation, the Department has increased its cybersecurity workforce by more than 600 percent while working with universities to develop and attract talent through competitive scholarships, fellowships, and internship programs.

When I joined DHS about six months ago, I quickly realized that we could build on the strong foundation of the Department’s cyber workforce with new skills and leadership to grow and adapt in the face of an evolving cybersecurity environment.

It’s impossible to mention all of the dedicated cybersecurity professionals at DHS, but I’d like to highlight a few recent additions that have propelled us to higher standards and increased our capability as a department:

  • Mike Locatis is the new Assistant Secretary for Cybersecurity and Communications and comes to DHS from the Department of Energy where he was the Chief Information Officer.  He has a breadth of cybersecurity and communications experience across nearly every level of government and the private sector and has a history of charting organization transformations in the federal government.
  • Rosemary Wenchel has joined us as the new Deputy Assistant Secretary for Cybersecurity Coordination.  She will coordinate joint cybersecurity efforts between DHS and the Department of Defense.  Rosemary will also work with the Science and Technology Directorate to ensure the Department’s cybersecurity research and development efforts are fully coordinated with policy and operations. She served previously in DOD where she was responsible for Departmental activities pertaining to policy development, guidance, and oversight of Information Operations.
  • John Streufert joined DHS in January as the Director of our National Cybersecurity Division (NCSD).  John came to DHS from the Department of State (DOS), where he earned national accolades for the successful implementation of state of the art security solutions in federal departments, and transformed DOS’ security posture while enabling it to execute a world-wide mission.
  • Larry Zelvin just joined us as Director of the National Cybersecurity and Communications Integration Center, DHS’ 24×7 center to coordinate cyber awareness across government and the private sector.  Larry has experience at the National Security Staff and the DOD, where he has led interagency and stakeholder outreach related to operations. 
  • Dr. George Moore is the new Technical Director for NCSD and also comes to us from the Department of State.  Dr. Moore is a renowned expert in areas of standards and security controls and will be helping develop programs to bring new levels of security to the Federal Government
  • Danny Toler is our Director of Network Resilience and a recognized expert in transitioning IT delivery toward solutions that are more holistic and integrated.  Danny came from the Department of State, and his leadership will be crucial in helping us develop cloud and managed security service solutions that result in new levels of efficiency across the government.
  • Ron Hewitt is the new Director of the National Communications System.  A recently retired Rear Admiral from the U.S. Coast Guard, Ron has an incredible track record of bringing together diverse communities to work together toward a common goal, particularly in the areas of information technology, communications, and first responders.
  • Tom Baer has come aboard as the Deputy Director of US-CERT.  Hailing from the Federal Bureau of Investigation where he was their Chief Information Security Officer, Tom is an expert in the areas of forensics and analysis and, with impressive leadership credentials, he is charged with broadening outreach efforts and intergovernmental coordination for US-CERT.

These new members of our vast cybersecurity team bring a wide array of experience and skills.  Building on the successes of our strong and robust team, we are taking the DHS cybersecurity program to new levels that will ultimately enhance the security and safety of our nation.

Published by the U.S. Department of Homeland Security, Washington, D.C.

The Blog @ Homeland Security

2012 Summer time Olympics: Go for the Gold in Cybersecurity

by Leave a Comment

Posted by the Cease.Assume.Connect.™ Campaign

Handful of events attract significantly more on the net clicks, views, and downloads than the Olympics, but athletes are not the only ones getting ready for London.&nbsp With the 2012 Summer season Olympic Games just about the corner, cyber criminals and on the net scammers are certain to be on the prowl, hoping to take advantage of Web customers who let their guard down with offers of discounted tickets, free merchandise, exclusive videos, or breaking news.

Hackers frequently take benefit of huge, highly-publicized events and well-known news stories to get users to click on fraudulent links and unknowingly download malware or other viruses onto their computers, clever phones, tablets, and other wireless devices. Hackers quite often use search engine optimization tricks to ensure that malicious web pages appear on a search outcome web page for specific search phrases, and use clever tricks to convince World-wide-web users to give out their credit card and personal material.&nbsp

To stay away from these web based scams, it is necessary to stick to these cybersecurity practices:
  • Update and run anti-virus and anti-spyware software regularly
  • Use spam filters and firewalls&nbsp
  • Only download apps and software program from reputable sources – if you can’t confirm where it is coming from, do not download it
  • Never click on hyperlinks promising deals that you weren’t expecting, and scrutinize hyperlinks very carefully when browsing for Olympic-associated pages
  • Don’t open emails from unknown people or organizations or that have attachments or links, and in no way click an embedded hyperlink in an unsolicited email
  • Under no circumstances deliver your private facts or credit card numbers unless you can verify a site’s authenticity

Don’t forget, if it sounds also decent to be accurate, it probably is. For significantly more details on safeguarding your computer system and your self, visit the Quit.Consider.Connect.™ campaign.

Published by the U.S. Department of Homeland Security, Washington, D.C.

The Weblog @ Homeland Security

Demonstrating the Require for the Cybersecurity Legislation

by Leave a Comment

Posted by Secretary Janet Napolitano

Combating cyber threats is a shared responsibility that requires broad engagement – from government and law enforcement to the private sector and most importantly, members of the public. No nation, sector, neighborhood or individual is immune to cyber dangers. DHS plays a crucial function in this work, the two in guarding federal networks and assisting owners and operators of crucial infrastructure to secure their networks by way of chance evaluation, mitigation, and incident response capabilities.

Above the past numerous weeks, we have mentioned the Administration’s cybersecurity legislative proposal and how the recently launched bill by Senators Lieberman, Collins, Rockefeller and Feinstein would provide the comprehensive resources we need to have to successfully deal with the total assortment of cyber threats facing our nation, whilst preserving privacy and civil liberties and respecting freedom, openness, and innovation.

This week, I participated in a cyber demonstration for senators hosted by Majority Leader Harry Reid to display how the federal government would respond to a main cyber incident and how legislative reform would increase that response. Together with leaders from across the federal government, I discussed how a cyber attack on America’s critical infrastructure could have broad impacts by disrupting crucial resources, resulting in billions of dollars in economic loss and even potential reduction of life.

This Administration believes in the innovation and experience of the private sector. We will function with critical infrastructure owners and operators to make certain the adoption of cybersecurity practices and technologies that function best on their networks in order to achieve a baseline level of cybersecurity. As component of this proposed legislation, DHS will conduct targeted risk assessments in consultation with the private sector and others to establish which techniques and assets are topic to the best and most immediate cyber threats. We will collaboratively define cybersecurity overall performance needs for these nationwide security, economically important, or life-sustaining services.

This week’s cyber demonstration also illustrated how a more powerful legal framework paired with stiffer penalties for cyber crimes and the removal of legal barriers to sharing information will guard the American public and the American financial system.

All sides agree that federal and private networks ought to be much better protected, and that details really should be shared much more easily, however nevertheless securely. Each the Administration’s proposal and the Cybersecurity Act of 2012 (S. 2105) would supply DHS with clear statutory authority commensurate with our cybersecurity responsibilities, although getting rid of legal barriers to the sharing of information. As the Secretary of Homeland Security, I strongly support S. 2105 since it addresses the need to have, the urgency, and the methodology for guarding our nation’s crucial infrastructure.

The time to act is now: we ought to improve cybersecurity coordination, strengthen our cybersecurity posture, and safe all components of our economic climate against this severe and growing threat, even though guarding privacy, confidentiality, and civil liberties. We appear forward to continuing our engagement with Congress in the days ahead to attain agreement on a bill that will move the Nation forward.

Examine about how the Cybersecurity Act of 2012 would enhance protections for the American public, advance government network security, and boost protection of crucial infrastructure.

Published by the U.S. Division of Homeland Safety, Washington, D.C.

The Weblog @ Homeland Security

Cybersecurity Legislation Would Improve Protection of Vital Infrastructure

by Leave a Comment

Posted by Mark Weatherford, Deputy Undersecretary for Cybersecurity

Last week, I talked about the not too long ago-introduced Cybersecurity Act of 2012 and the aspects of the legislation that would improve the protection of the federal executive branch networks and assist preserve the American public protected from theft, fraud, and loss of individual and monetary data. Nowadays I’d like to go over how the legislation would improve the safety and resiliency of the nation’s critical infrastructure — from banking and monetary methods, to power plants and electric grids, to transportation and shipping hubs.

DHS leads the nation’s vital infrastructure protection and cybersecurity efforts, but the federal government can’t do it alone. The huge vast majority of essential infrastructure is owned and operated by the private sector, and the landscape is continuously altering as new and more sophisticated threats emerge. DHS is focused on constructing and strengthening partnerships across all amounts of government and with the personal sector in order to improve data sharing, assistance cyber incident response, and make cyberspace basically safer and a lot more safe.

The Cybersecurity Act of 2012 clarifies DHS’ authority to provide support to sector and state, nearby, tribal and territorial governments and establishes a risk mitigation framework to make certain that companies supplying the Nation’s most crucial services are instituting a baseline degree of cybersecurity. This proposal would leverage the experience of the personal sector requiring the Nation’s most vital infrastructure adopt the cybersecurity practices and technologies that perform very best on their networks.

It also removes barriers to sharing cybersecurity data among industry and the federal government by offering immunity from other laws for the purpose of sharing this kind of cybersecurity info with DHS. At the exact same time, the legislation mandates robust privacy oversight, such as criminal penalties for misuse, to make sure that voluntarily shared info does not impinge on person privacy and civil liberties.

The Cybersecurity Act of 2012 aligns closely with the Administration’s cybersecurity legislative proposal, and will allow DHS and our partners to continue to perform with each other to safe cyberspace, defend our nation’s essential infrastructures, and advance our economic and security interests.

Published by the U.S. Department of Homeland Security, Washington, D.C.

The Blog @ Homeland Security