The program is a response to a worsening cyber threat environment, Secretary Kirstjen Nielsen told reporters.
SAN FRANCISCO – A new cybersecurity strategy due out within days from the White House envisions the Homeland Security Department providing cybersecurity services directly to critical infrastructure providers, such as hospitals, airports and energy companies.
The system, which Homeland Security Secretary Kirstjen Nielsen described as “security as a service,” would be a major step forward for the department, which, historically, has helped critical infrastructure mostly by sharing cyber threat information and helping them respond after a breach has already occurred.
Nielsen described the program as a “natural evolution” to heightened cyber threats.
The announcement came on the same day that Nielsen’s department and its United Kingdom counterpart warned about a Russian government hacking campaign targeting government and critical infrastructure systems.
The system might function similarly to the continuous diagnostics and mitigation program, through which DHS provides a suite of cyber tools and dashboards to federal agencies, Nielsen told reporters on the sidelines of the RSA Cybersecurity Conference in San Francisco.
The department would aim to tailor its cybersecurity services to the needs of each sector, Nielsen said. The financial services sector, which is widely regarded as the most advanced at cyber protection, for example, would receive different tools than less advanced sectors, she said.
“What we have said to critical infrastructure owners and operators is what do you need?” Nielsen said.
In addition to providing cybersecurity tools, Homeland Security will continue to try to tailor the cyber threat information it shares to make it more actionable for specific critical infrastructure sectors, Nielsen said.
The Homeland Security secretary will outline the government’s new cyber strategy during an address at RSA Tuesday, but the strategy itself won’t be released for about another week, department officials said.
The strategy will contain five main pillars, Nielsen said: risk identification, threat reduction, reducing vulnerabilities, mitigating consequences, and enabling cyber outcomes.
While Nielsen declined to outline the full strategy in advance of its release, she described it as mostly continuous with earlier cyber strategy documents from the Obama administration.
Changes in policy, such as the cybersecurity as a service program, are largely due to the changing threat environment rather than to rethinking the government’s broad cyber stances, she said.
“We need to move, perhaps, more to a collective defense given the threats today,” she said.