DHS Staffing Woes, Cybersecurity Preparedness Highlighted in Hearing
At a recent hearing in the Cybersecurity and Infrastructure Subcommittee of the House Homeland Security Committee, representatives of the National Protection and Programs Directorate (NPPD)–the body tasked with implementing the Department of Homeland Security's (DHS) cybersecurity priorities–addressed concerns that DHS is still not as progressive as it should be on cyber issues.
Rep. John Ratcliffe (R-TX), summed up the general tenor of the meeting, stating that, "We have to get this right because new technologies – the internet of things, driverless cars, artificial intelligence, and quantum computing – are rapidly evolving.” Ratcliffe, who chairs the subcommittee, emphasized, “We need to be securing at the speed of innovation – not of bureaucracy. Because we are in an era that requires flexibility, resiliency, and discipline, and I hope I will hear those values operationalized in the forthcoming testimony.”
In addition to the increasing threats posed by cyberattacks, a theme of the hearing was the difficulty DHS has faced in filling vital vacancies, with CyberScoop pointing out that the agency's enterprise-wide cybersecurity strategy is already six months behind schedule and still has no estimated release date.
“I understand the Trump administration did not fill leadership positions relevant to the DHS cybersecurity strategy with any real sense of urgency, and ongoing vacancies may be contributing to the delays. But the strategy is six months overdue and that is not acceptable,” said Rep. Cedric Richmond (D-LA).
According to testimony by NPPD Assistant Secretary for Cybersecurity and Communications Jeanette Manfra, DHS is currently staffed at 76 percent.
currently staffed at only 76 percent. “We’re averaging about 224 days to hire,” Manfra said. “That sounds long, [but] that includes a top secret [sensitive compartmented information] clearance process.” That timeline also represents a 10 percent improvement over last year, she said.
Witnesses sought to highlight positive steps DHS has taken to improve its cybersecurity preparedness, including a new government-wide dashboard being rolled out to agency that will allow DHS to monitor the entire federal network, down to the end-user. Manfra also noted that, while the agency's current average hire time of 224 days sounds lengthy, the number is a 10 percent improvement over last year and is a sign of progress, given that the process necessitates a top secret clearance process.
Witnesses also spoke in favor of the Cybersecurity and Infrastructure Security Agency Act of 2017, which would rename and reorganize the NPPD.
According to Christopher Krebs, who testified on behalf of DHS, "If enacted, thsi bill would mature and streamline NPPD, and rename our organization to clearly reflect our essential mission and our role in securing cyberspace. The department strongly supports this much-needed effort and encourages swift action by the full House and the Senate."
Posted in Featured News