DHS Cyber Strategy Delayed for Trump Team Review

Gil C/Shutterstock.com

The department sees a "generational" opportunity for security in IT modernization, cyber lead says.

A congressionally mandated Homeland Security Department cybersecurity strategy is waiting to be reviewed by Trump administration officials and the agency’s new leadership, DHS’ acting cybersecurity lead told lawmakers Tuesday.

The strategy, which was mandated by a major defense policy bill, was due March 23.

“We are working on the cybersecurity strategy,” DHS Acting Undersecretary for Cybersecurity Jeanette Manfra told members of a House Homeland Security Committee cybersecurity panel. “We do need time to ensure that the new administration has an opportunity to review and provide guidance on what that strategy should look like.”

» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.

Manfra repeated a likely time frame of “the next couple months” for the strategy’s completion.

Manfra also highlighted a $1.5 billion investment in President Donald Trump’s budget blueprint to protect federal networks and civilian critical infrastructure from cyberattacks.

“The department views the IT modernization effort as an opportunity to review the current approach to federal network security and potentially make generational advances in the capabilities we offer,” she said.

As with all presidents' budget proposals, Trump’s proposals are only suggestions to Congress, which may or may not take them up.

Other top priorities for Manfra’s division include pushing for 100 percent adoption by civilian agencies of the third generation of the department’s threat monitoring and mitigation system known as Einstein 3 Accelerated, or E3A, and raising the number of known cyber threat indicators that the system is monitoring for, Manfra told lawmakers.

About 93 percent of civilian agencies are now hooked into E3A.  

The department is also working to apply “reputation scoring” to its cyber monitoring to help agencies determine which cyber threats are most serious and expanding a pilot program that identifies anomalous network activity that could indicate an attempted cyber breach but that is not associated with a known attack vector, she said.

A January 2016 watchdog report dinged DHS for falling short on both those capabilities.