DHS Cyber Security Division

Agency overview
Formed: 2011
Jurisdiction: United States
Headquarters: DHS Nebraska Avenue Complex, Washington D.C.
Agency executive: Dr. Douglas Maughan, Director
Parent agency: DHS Science and Technology Directorate
Website: DHS Cyber Security Division

The Cyber Security Division (CSD) is a division of the Science and Technology Directorate (S&T Directorate) of the United States Department of Homeland Security (DHS). Within the Homeland Security Advanced Research Projects Agency, CSD develops technologies to enhance the security and resilience of the United States' critical information infrastructure from acts of terrorism. S&T supports DHS component operational and critical infrastructure protections, including the finance, energy, and public utility sectors, as well as the first responder community.

CSD Mission

Mission statement as defined by S&T Directorate:

The Cyber Security Division's mission is to enhance the security and resilience of the nation's critical infrastructure and the Internet by "developing and delivering new technologies, tools and techniques; conducting and supporting technology transition; and leading and coordinating research and development." [1] The Science and Technology Directorate oversees the work done by the CSD, and clearly defines the CSD's work as a means towards developing the future of cyber security.

Mission statement as defined by DHS:

The mission is to enhance the security and resilience of critical infrastructure by "developing and delivering new technologies, tools and techniques in order for the U.S. to defend, mitigate and secure current and future systems, networks, and infrastructure from cyber-attacks," [2] while conducting and supporting "technology transitions, leading and coordinating research and development (R&D) among the R&D community" (department customers, government agencies, private sector, and international partners). [2] The Department of Homeland Security later defines its own division as more of a way to help defend and protect systems.

Mission statement as defined by Congressional Research Service:

The Cyber Security Division's mission is within the spectrum of "prevention, protection, mitigation, response, and recovery." [3] DHS seeks to assess cyber risks and promote security and resilience of information communication technology (ICT) systems. When an incident occurs, DHS has "capabilities and authorities to provide direct assistance to the victim (both federal and non-federal)." [3] The Congressional Research Service combines the two and states that, in the case of an incident, the CSD will have the means to assist both public and private sectors.

DHS Cybersecurity Program

Under the Science and Technology Directorate, the Department of Homeland Security created its own Cyber Security Division. The division seeks to assist both private and public sectors. The CSD has programs across some current hard problems in information security research. These research programs include, but are not limited to, "Combating Insider Threats," "Combating Malware and Botnets," and "Identity Management." [4] The CSD's goal is not only to save money and time while meeting DHS critical missions, but to "support S&T with transitioning technologies to operational use." [5] Research in these programs includes studying "Social Behavior," "Software Assurance," and "Trustworthy Infrastructure," which are then broken down further into "Usable Cybersecurity," "Cyber Economics Incentives," "Incident Response communities," "Software Quality Assurance and Marketplace," "Securing Protocols," and many more. [6] The CSD recognizes that a failure to respond creates enormous penalties.

DHS Cybersecurity Strategy

The CSD strategy is to be a leader in cybersecurity research and awareness. The CDS develops and oversees DHS standards that "ensure reliable, interoperable and effective technologies and processes. This includes coordination and representation on a number of standard-setting bodies and organizations." [5] The strategy also addresses the need to enhance the "efficiency and effectiveness of the U.S. government’s work to protect and secure critical infrastructure." [6] CSD maintains a sense of teamwork in security and risk management across various research programs and partners.

Science & Technology: Cyber Security Division

S&T’s CDS works closely with "DHS components to reduce or mitigate the challenges that DHS faces", [7] and to "help these components execute their programs and systems in the safest, most-efficient, and most cost-effective way." [8] The goal is to make improvements within cybersecurity. As it is a global issue, international partners including "Australia, Canada, Japan, the Netherlands, Sweden, and the United Kingdom" [6] all come together to work in "areas such as cyber economic incentives, software assurance, and modeling of internet attacks." [6]

Related Research Articles

United States Department of Homeland Security: United States federal department

The United States Department of Homeland Security (DHS) is the U.S. federal executive department responsible for public security, roughly comparable to the interior or home ministries of other countries. Its stated missions involve anti-terrorism, border security, immigration and customs, cyber security, and disaster prevention and management.

The United States Computer Emergency Readiness Team (US-CERT) is an organization within the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Specifically, US-CERT is a branch of the Office of Cybersecurity and Communications' (CS&C) National Cybersecurity and Communications Integration Center (NCCIC).

National Cyber Security Division

The National Cyber Security Division (NCSD) is a division of the Office of Cyber Security & Communications, within the United States Department of Homeland Security's Cybersecurity and Infrastructure Security Agency. Formed from the Critical Infrastructure Assurance Office, the National Infrastructure Protection Center, the Federal Computer Incident Response Center, and the National Communications System, NCSD opened on June 6, 2003. The NCSD mission is to collaborate with the private sector, government, military, and intelligence stakeholders to conduct risk assessments and mitigate vulnerabilities and threats to information technology assets and activities affecting the operation of the civilian government and private sector critical cyber infrastructures. NCSD also provides cyber threat and vulnerability analysis, early warning, and incident response assistance for public and private sector constituents. NCSD carries out the majority of DHS’ responsibilities under the Comprehensive National Cybersecurity Initiative. The FY 2011 budget request for NCSD is $378.744 million and includes 342 federal positions. The current director of the NCSD is John Streufert, former chief information security officer (CISO) for the United States Department of State, who assumed the position in January 2012.

Homeland Security Act of 2002: Post-9/11 United States law establishing the Department of Homeland Security

The Homeland Security Act (HSA) of 2002 was introduced in the aftermath of the September 11 attacks and subsequent mailings of anthrax spores. The HSA was cosponsored by 118 members of Congress. The act passed the U.S. Senate by a vote of 90–9, with one Senator not voting. It was signed into law by President George W. Bush in November 2002.

U.S. critical infrastructure protection

In the U.S., critical infrastructure protection (CIP) is a concept that relates to the preparedness and response to serious incidents that involve the critical infrastructure of a region or the nation. The American Presidential directive PDD-63 of May 1998 set up a national program of "Critical Infrastructure Protection". In 2014 the NIST Cybersecurity Framework was published after further presidential directives.

DHS Chemical and Biological Defense Division

The Chemical and Biological Defense Division (CBD) is a division of the Science and Technology Directorate of the United States Department of Homeland Security. Within the Homeland Security Advanced Research Projects Agency, CBD develops technologies to increase the United States's preparedness and protect key national infrastructure against chemical, biological, and agricultural threats and disasters through improved threat awareness and advanced surveillance, detection, and protective countermeasures.

DHS Infrastructure Protection and Disaster Management Division

The Infrastructure Protection and Disaster Management Division (IDD) is a division of the Science and Technology Directorate of the United States Department of Homeland Security. Within the Homeland Security Advanced Research Projects Agency, IDD develops technologies to improve and increase the United States' strategic preparedness response to natural and man-made threats through situational awareness, emergency response capabilities, and critical infrastructure protection.

Department of Defense Cyber Crime Center

The Department of Defense Cyber Crime Center (DC3) is designated as a Federal Cyber Center by National Security Presidential Directive 54/Homeland Security Presidential Directive 23, as a Department of Defense (DoD) Center Of Excellence for Digital and Multimedia (D/MM) forensics by DoD Directive 5505.13E, and serves as the operational focal point for the Defense Industrial Base (DIB) Cybersecurity program. DC3 operates as a Field Operating Agency (FOA) under the Inspector General of the Department of the Air Force.

Under Secretary of Homeland Security for Science and Technology

The Under Secretary of Homeland Security for Science and Technology is a high level civilian official in the United States Department of Homeland Security. The Under Secretary, as head of the Science and Technology Directorate at DHS, is the principal staff assistant and adviser to both the Secretary of Homeland Security and the Deputy Secretary of Homeland Security for all DHS technological research.

Command, Control and Interoperability Division

The Command, Control and Interoperability Division is a bureau of the United States Department of Homeland Security's Science and Technology Directorate, run by Dr. David Boyd. This division is responsible for creating informative resources (including standards, frameworks, tools, and technologies) that strengthen communications interoperability, improve Internet security and integrity, and accelerate the development of automated capabilities to help identify potential threats to the U.S.

The Stephenson Disaster Management Institute at Louisiana State University is located in the Stephenson National Center for Security Research and Training at LSU.

Paul N. Stockton

Dr. Paul N. Stockton is the President of Paul N Stockton LLC, a strategic advisory firm in Santa Fe, NM. From 2009-2013, Dr. Stockton served as Assistant Secretary of Defense for Homeland Defense and Americas' Security Affairs, where he helped lead the Department's response to Hurricane Sandy. He was responsible for Defense Critical Infrastructure Protection, Western Hemisphere security policy, domestic crisis management, continuity of operations planning, and a range of other responsibilities. While Assistant Secretary, Dr. Stockton also served as Executive Director of the Council of Governors. After serving as Assistant Secretary, Dr. Stockton was the Managing Director of Sonecon LLC, an advisory firm in Washington, DC, from 2013-2020.

Critical Infrastructure Research and Development Advancement Act of 2013

The Critical Infrastructure Research and Development Advancement Act of 2013 is a bill that would require the United States Department of Homeland Security (DHS) to transmit to the Congress a strategic plan for research and development efforts addressing the protection of critical infrastructure and a report on departmental use of public-private consortiums to develop technology to protect such infrastructure. The bill also would direct the Government Accountability Office (GAO), within two years of enactment, to evaluate the effectiveness of clearinghouses established by DHS to share technological innovation.

National Cybersecurity and Critical Infrastructure Protection Act of 2013

The National Cybersecurity and Critical Infrastructure Protection Act of 2013 is a bill that would amend the Homeland Security Act of 2002 to require the Secretary of the Department of Homeland Security (DHS) to conduct cybersecurity activities on behalf of the federal government and would codify the role of DHS in preventing and responding to cybersecurity incidents involving the Information Technology (IT) systems of federal civilian agencies and critical infrastructure in the United States.

Homeland Security Cybersecurity Boots-on-the-Ground Act: Bill of the 113th United States Congress

The Homeland Security Cybersecurity Boots-on-the-Ground Act is a bill that would require the United States Department of Homeland Security (DHS) to undertake several actions designed to improve the readiness and capacity of DHS’s cybersecurity workforce. DHS would also be required to create a strategy for recruiting and training additional cybersecurity employees.

The Cyber Resilience Review (CRR) is an assessment method developed by the United States Department of Homeland Security (DHS). It is a voluntary examination of operational resilience and cyber security practices offered at no cost by DHS to the operators of critical infrastructure and state, local, tribal, and territorial governments. The CRR has a service-oriented approach, meaning that one of the foundational principles of the CRR is that an organization deploys its assets to support specific operational missions. The CRR is offered in a facilitated workshop format and as a self-assessment package. The workshop version of the CRR is led by a DHS facilitator at a critical infrastructure facility. The workshop typically takes 6–8 hours to complete and draws on a cross section of personnel from the critical infrastructure organization. All information collected in a facilitated CRR is protected from disclosure by the Protected Critical Infrastructure Information Act of 2002. This information cannot be disclosed through a Freedom of Information Act request, used in civil litigation, or be used for regulatory purposes. The CRR Self-Assessment Package allows an organization to conduct an assessment without the need for direct DHS assistance. It is available for download from the DHS Critical Infrastructure Cyber Community Voluntary Program website. The package includes an automated data answer capture and report generation tool, a facilitation guide, comprehensive explanation of each question, and a crosswalk of CRR practices to the criteria of the National Institute of Standards and Technology (NIST) Cybersecurity Framework. The questions asked in the CRR and the resulting report are the same in both versions of the assessment. DHS partnered with the CERT Division of the Software Engineering Institute at Carnegie Mellon University to design and deploy the CRR. 
The goals and practices found in the assessment are derived from the CERT Resilience Management Model (CERT-RMM) Version 1.0. The CRR was introduced in 2009 and received a significant revision in 2014.

The National Cybersecurity and Communications Integration Center (NCCIC) is part of the Cybersecurity Division of the Cybersecurity and Infrastructure Security Agency, an agency of the U.S. Department of Homeland Security. It acts to coordinate various aspects of the U.S. federal government's cybersecurity and cyberattack mitigation efforts through cooperation with civilian agencies, infrastructure operators, state and local governments, and international partners.

Dr. Phyllis Schneck is an American executive and cybersecurity professional. As of May 2017, she became the managing director at Promontory Financial Group. Schneck served in the Obama administration as Deputy Under Secretary for Cybersecurity and Communications for the National Protection and Programs Directorate (NPPD), at the Department of Homeland Security.

Cybersecurity and Infrastructure Security Agency: Agency of the United States Department of Homeland Security

The Cybersecurity and Infrastructure Security Agency (CISA) is an agency of the United States Department of Homeland Security (DHS) that is responsible for strengthening cybersecurity and infrastructure protection across all levels of government, coordinating cybersecurity programs with U.S. states, and improving the government's cybersecurity protections against private and nation-state hackers. Its activities are a continuation of the National Protection and Programs Directorate (NPPD), and it was established on November 16, 2018, when President Donald Trump signed into law the Cybersecurity and Infrastructure Security Agency Act of 2018.

Operational collaboration is a cyber resilience framework that leverages public-private partnerships to reduce the risk of cyber threats and the impact of cyberattacks on United States cyberspace. This operational collaboration framework for cyber is similar to the Federal Emergency Management Agency (FEMA)'s National Preparedness System, which is used to coordinate responses to natural disasters, terrorism, chemical and biological events in the physical world.

References

  1. "S&T's Cyber Security Division Overview Video". Department of Homeland Security, S&T Directorate. 2020. Archived from the original on 2017-01-13.
  2. DHS. "Cybersecurity Program". Department of Homeland Security, Cybersecurity Program. Archived from the original on 2019-06-22.
  3. "DHS's Cybersecurity Mission-An Overview" (PDF). Federation of American Scientists. December 19, 2018. Archived (PDF) from the original on 2020-08-06.
  4. "A Roadmap for Cybersecurity Research" (PDF). Department of Homeland Security Publications. November 2009. Archived (PDF) from the original on 2015-09-05.
  5. "About Capability Development Support". Department of Homeland Security, about CDS. Archived from the original on 2014-12-09.
  6. "CSD FY13 AR" (PDF). Department of Homeland Security Publications. 2013.
  7. "CSD fact sheets". DHS S&T, CSD fact sheets. Archived from the original on 2015-01-09.
  8. "Analytic Inventory of DHS Headquarters Business Processes" (PDF). RAND Research. Archived (PDF) from the original on 2019-07-20.