Cybersecurity is a top priority for the Department of Homeland Security — the agency charged with protecting the .gov and .mil domains and coordinating breach response for the private and public sector. With little more than a year left for the Obama Administration, it is also a top priority for DHS Secretary Jeh Johnson, on par with the agency's counterterrorism mission.
"Cybersecurity is a top priority for me, the president and this administration," Johnson said during a keynote address at Federal Times' CyberCon on Nov. 18. "Indeed, I am determined to make tangible improvements to our cybersecurity before leaving office as secretary."
1.) Information Sharing
One of the administration's biggest pushes on cybersecurity centers on sharing information between the government and private sector about emerging threats.
The Cybersecurity Information Sharing Act (CISA) recently passed the Senate and is headed to conference with two companion House bills. All three pieces of legislation set up DHS as the clearinghouse for maintaining and disseminating the information that will be shared, giving the agency a central role.
While waiting for the final bill, the department is looking at the processes and standards for how information will be shared and figuring out how to quickly disseminate it to other federal agencies and the private sector.
2.) China Agreement
To help stem the tide of nation-state hacks targeting U.S. commercial interests — whether theft of sensitive economic indicators and financial information or damaging attacks on American companies — DHS and the State Department are working with other countries to establish international norms.
Most recently, officials from the U.S. and China came together to settle on an agreement to end economic cyberattacks on the nation-state level and crack down on independent groups working within each country's respective borders.
Just how effective these accords will prove to be has yet to be seen. As an early step, Johnson and Attorney General Loretta Lynch will be meeting with Chinese officials on Dec. 1 and 2 for the first of several meetings to hash out practical details.
"Time will tell whether the Chinese government's commitments in writing are matched by action," Johnson said, adding that the December meetings "will be an important indicator."
3.) Harden Federal Network Security
After the high-profile breach of the Office of Personnel Management networks revealed earlier this year and a slew of smaller but significant incidents across the government, the security of federal networks has been a hot topic.
"I have directed an aggressive timetable for improving the cybersecurity for the federal civilian .gov network," Johnson said. "As the OPM breach painfully demonstrated, our federal cybersecurity efforts are not where they need to be. But we are improving."
The two biggest pushes in this direction are the implementation of the Continuous Diagnostics and Mitigation (CDM) program — a DHS-led effort to put top-of-the-line cybersecurity tools on all federal systems — and the acceleration of the third phase of Einstein (E3A), a sophisticated firewall operating at the very edge of the network.
4.) Improve Cyber Awareness
One of the most effective and devastating tactics today — spear-phishing — is also one of the simplest to execute.
Similarly, the most important effort to combat malicious activity, according to Johnson, is also one of the simplest.
"Whether in .gov, .mil, .com, .edu or .org, perhaps the single most effective thing we can do to improve cybersecurity is actually pretty simple: raise the awareness of everyone who uses your systems to the dangers of spear-phishing," he said. "The most devastating attacks by the most sophisticated actors often start with a simple act of spear-phishing."
None of these solutions will act as a silver bullet, Johnson said, but aggressive action is needed.
"I've said many times in speeches that the cornerstone of the Department of Homeland Security is counterterrorism," Johnson said. "I recognize that cybersecurity must exist alongside counterterrorism as one of our top priorities for the protection of the American people, American businesses large and small and the federal government."
Aaron Boyd is an awarding-winning journalist currently serving as editor of Federal Times — a Washington, D.C. institution covering federal workforce and contracting for more than 50 years — and Fifth Domain — a news and information hub focused on cybersecurity and cyberwar from a civilian, military and international perspective.