Homeland Security Secretary Janet Napolitano's announcement today that she plans to leave the department raises interesting questions for what is next for the government's cybersecurity efforts. She, along with recently-departed Deputy Secretary Jane Hall Lute, dedicated a significant amount of resources and time to making cybersecurity a priority for DHS.
This effort, which began under her predecessor Michael Chertoff, showed DHS moving from its toddler years in cyber to its teenage years -- maturing, but at times a bit awkward and still trying to find its place with Congress and the private sector. Like with many teenagers, DHS has spent time showing others that it has grown up and should be treated like other adults on cyber.
With the NSA's cybersecurity efforts potentially in limbo with the Snowden revelations -- especially as more comes to light -- DHS is in a position to be the agency that truly leads on cybersecurity. This comes at a time when threats, both national and economic, are growing and the issue is at the forefront of our national and international conversations.
So what should the next candidate for Secretary be considering?
- China. What role does DHS have in international efforts to combat cyberthreats from China that are affecting our domestic systems? Does this role change if the threat is mostly on the economic side (e.g. cyber espionage and IP theft) rather than national security, i.e. critical infrastructure? What about the department's role in looking at supply chain threats and foreign investment issues in U.S. cyber assets?
- Beyond critical infrastructure protection. What role does DHS have in helping the increasing number of businesses and companies impacted by cyber attacks? We know of the debates among voluntary standards for critical infrastructure but what about everyone else?
- Privacy and surveillance. Not just Edward Snowden, but increased information sharing. In discussions regarding government privacy, the focus has been on Justice and the intelligence agencies. Will attention now focus more on DHS?
- The future. Mobile, cloud and emerging technologies are changing how people use technology and creating new cybersecurity challenges. Is DHS in front of these changes or focused on nuts-and-bolts critical infrastructure protection?
- Big data. The sheer volume of information that can be gathered on individuals is staggering and growing. What is DHS doing to address new challenges in this area?
Whoever takes over at DHS, they will face daunting cyber challenges and big shoes to fill given the progress Secretary Napolitano has made over the last four years.