DHS CISO: Cyber Needs Continuous Investment In Next Administration


A senior cyber official doesn't expect the transition to disrupt cyber commitments.

The upcoming presidential transition shouldn't disrupt the federal government's cyber commitments, a senior cyber official said Tuesday.

"Cyber is able to transcend politics," Jeffrey Eisensmith, the Homeland Security Department's chief information security officer said during FCW's The Big Issues conference in Washington, D.C. "Security is a nonstatic thing, so if you gave me a boat load of money today, and I put those controls in tomorrow, the day after tomorrow, I'm not as secure if you don't continue that investment."

Eisensmith said he didn't expect the turnover in political appointees after the presidential transition to disrupt cyber commitments at DHS.

» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.

"There is a wonderful career staff in place ... A lot of the programs that we began to institute take a fairly long time to put in place and build. A lot of what [Chief Information Officer Luke McCormack] has put in place, we're still lashing down to the floor and making sure that it is an enterprise solution."

In October, President-elect Donald Trump issued a cybersecurity plan that sketched out his intention to "order a thorough review of our cyber defenses and weaknesses, including all vital infrastructure."

He has not released more specific details about what a cyber review team would do, though it would begin with the most sensitive systems, and "ultimately, all systems will be analyzed and made as secure as modern technology permits."

As the Trump administration gets settled, "there will be a lot of education [required]," Eisensmith said. "But [it's] not our first time at the rodeo."

Broadly, Eisensmith said DHS' current analysis of cyberattacks doesn't stop when incidents are thwarted. For example, after an instance of malware is stymied, he focuses on understanding what the malware was intending to do, he explained. Each attack attempt gives the department's cyber teams new insights.

"You're going to give up every toolset you have, and every one of the links every time you look at me," he said.

Eisensmith also passes compromise attempts to the U.S. Computer Emergency Readiness Team, "and they're going to blast it out nationwide," he warned.