CSIA Recommendations to the Department of Homeland Security
Cyber Security Preparedness and Response Priorities

CSIA believes that ensuring the resiliency and integrity of our national information infrastructure should be a higher priority for the federal government. While numerous federal agencies have cyber security responsibilities, the Department of Homeland Security (DHS) has a special role as the focal point for critical infrastructure protection. It has the duty to lead, set priorities and facilitate protection and response in the case of a major cyber disruption.

CSIA offers the following six recommendations to DHS as it refines its role in cyber security preparedness and response:

1. Increase Leadership

Appointing an assistant secretary for cyber security and telecommunications was a significant first step by DHS. As the focal point for cyber security leadership within the federal government, the new assistant secretary should crystallize a few key priorities that reflect the fact that the critical functions of all industry sectors rely on information technology and telecommunications, and develop programs that support and achieve those priorities. Additionally, DHS and the White House should take steps to consolidate multiple presidential-level bodies with overlapping responsibilities in the areas of IT and telecommunications.

2. Sponsor Prevention and Mitigation Programs

Programs need to be in place that aim to prevent or minimize a major cyber disruption. One example is a greater focus on research and development (R&D). DHS should increase its support and funding for R&D efforts. Another example is insurance programs. Insurance is a practical way for organizations to recover from a catastrophic loss, yet cyber incidents are not usually covered because of a lack of clarity on how traditional risk management structures can be practically applied. DHS, in partnership with the Department of Commerce, should sponsor research into viable uses of private-sector insurance coverage for cyber attacks.

3. Establish an Early Warning System

The nation lacks a formal cyber early warning system that provides situational awareness of cyber attacks. While there are some similar warning mechanisms in place, such as the Information Sharing and Analysis Centers (ISACs), we still lack a federally supported, formal system that provides rapid and clear indication that an attack is underway and alerts all key stakeholders. DHS should support the ISACs and ensure that a more holistic system is put into place.

4. Institute Command and Control Procedures

DHS should describe how it will work with the private sector to respond to and recover from a massive failure of information technology systems, due to either a cyber attack or a natural disaster. DHS needs to establish a clear "chain of command" in the case of such an incident. This is especially important since the private sector owns and operates most of the nation's critical information infrastructure. There are critical questions to be answered, such as: What defines an incident of national significance? Which government agencies should be involved? Which private sector entities? What is the legal significance of such a declaration?

5. Articulate an Emergency Communications System

DHS should ensure that we have a resilient communications system in place to execute command and control in the case of a major cyber disruption. Such a system will need to work even when telecommunications and Internet connectivity are unavailable. This requires processes and protocols to communicate reliably and effectively, and advance identification of the key stakeholders who need access to the emergency communications systems in order to perform their recovery and reconstitution duties.

6. Create a National Information Assurance Policy

Given that cyber security responsibilities span multiple government agencies, a national policy is needed that outlines the key roles that relevant government agencies should play in the protection of our cyber infrastructure. While the establishment of a national information assurance policy is not solely the responsibility of DHS, it has a critical role to play in its development and implementation, and its support of such a government-wide policy is needed.