DHS CIOs see cyber, budgets as top concerns

Cybersecurity remains the biggest headache for CIOs at the Department of Homeland Security, but they say the steady drumbeat of smaller and smaller budgets stings, too.

The CIOs from DHS' many components, who gathered for a panel discussion at AFCEA's Homeland Security Conference on March 11, agreed that cybersecurity is a dogged presence in their everyday activities, and they're trying to counter threats in new ways.

Cybersecurity "is a concern across all components [and] job No. 1 for all of us," DHS CIO Luke McCormack said.

He added that DHS' Continuous Diagnostics and Mitigation program and Einstein intrusion-detection system are aimed squarely at helping agencies maintain internal cybersecurity and establishing DHS as a thought leader on federal cybersecurity.

Being an early adopter of promising cybersecurity technology is part of his department's job, he said.

In the past few months, McCormack said DHS has been meeting with executives at Silicon Valley technology firms to discuss innovative approaches to cybersecurity. He did not elaborate on the specifics but said he met with CIOs and chief information security officers on three trips to Silicon Valley, including the cybersecurity summit President Barack Obama attended in February.

The technology under development at leading-edge companies "is promising [and] adaptable for us," McCormack added.

Cutting-edge IT vendors also provide a different perspective on the cybersecurity issues that dog federal agencies. "It's interesting to see how the CISOs at Facebook and Google are dealing with the insider threat challenge," he said. "It's a different way of looking at it."

Although cybersecurity is always a concern, "my biggest problem is stretching a dollar," said Transportation Security Administration CIO Stephen Rice. Steadily declining budgets have forced TSA officials to be more frugal in how they implement IT.

"Cybersecurity is our No. 1 concern," said Charles Armstrong, assi¬¬stant commissioner of Customs and Border Protection's Office of Information and Technology, but "the constant 5 percent decline in budget is a challenge."

Those cuts have spurred CBP to look for more innovative, self-service technologies to perform its public border security functions, such as customs processing. He said declining budgets have taken a toll on the agency's staff, including contracting professionals in charge of acquiring new technology. With pay flat and resources pinched, experienced agency employees often look for opportunities in the private sector.

When the seasoned DHS CIOs were asked about the lessons they've learned, all agreed that getting out into the field to see their agency mission in action was critical to understanding IT needs.

"Get out to where the mission happens," said Adrian Gardner, CIO at the Federal Emergency Management Agency. "If you don't, you'll have a short tenure."