PERSPECTIVE: Homeland Security Makes the Right Moves to Bolster Our Cybersecurity

This article, by Gen. Frank Taylor, originally appeared in The Hill on August 2, 2019

If there’s one thing that was learned from the 2016 presidential election, it’s that protecting our country’s election infrastructure cannot be a passive decision. There’s a need to be proactively assessing our environment to ensure that we are implementing the cybersecurity features that fortify our systems and, ultimately, our democracy. This is where the Cybersecurity and Infrastructure Security Agency (CISA) comes into play.

CISA, dubbed “the nation’s risk advisor,” was officially inaugurated in 2018 as a standalone component within the U.S. Department of Homeland Security (DHS). Its primary objectives are to lead cybersecurity efforts across the federal government and to work with the critical infrastructure community to help protect their networks. But CISA was not conceptualized solely on the basis of Russian interference in 2016 – there are a number of evolving concerns that CISA plans to prioritize as it enters its second year: supply chain, 5G, and election security.

Standing up CISA in November, an effort began by President Obama’s administration but realized by President Trump, has signaled cybersecurity as a priority deserving of greater resources. Top Department of Homeland Security (DHS) officials had been championing the decision, advocating that the creation of CISA was necessary for streamlining its cyber goals. More importantly, because CISA is able to act more independently – similar to how the Federal Emergency Management Agency (FEMA) operates, for instance – several barriers to decision-making are eliminated, and cyber responses become more efficient and successful.

Under the leadership of Director Chris Krebs, CISA has initiated a two-year roadmap outlining how it will fully mature its capabilities. While CISA may appear to be acting similarly to an intelligence agency through its information sharing efforts, there is a major distinction in that CISA will operate transparently. This is a huge win for its civilian, private sector, and government partners who are still navigating the complex cyber landscape. CISA understands that a majority of our nation’s CI resides in the private sector and is committed to taking actions to counter threats that extend beyond government systems. This means that CISA will work closely with CI entities to understand what they themselves perceive to be the greatest risks to their systems. This not only improves efficacy of solutions, but it helps achieve buy-in, which greatly strengthens cybersecurity efforts.

Still, CISA exhibits both form and function. There are emerging cyber threats that are rapidly changing and advancing, including the durability of the supply chain. Cybercriminals and foreign adversaries have demonstrated the ability to exploit vulnerabilities in the supply chain, gaining access to sensitive data. These perpetrators are acting strategically to disrupt our systems, and CISA is expected to exercise collective defense to manage these risks and share actionable intelligence with network defenders who are positioned to act on it.

One resource that CISA relies on is its Information and Communication Technologies Supply Chain Risk Management Task Force, which is comprised of federal partners and forty of the largest companies in the IT and communications sectors. Together, its participants are crafting recommendations to manage weaknesses in the global technology supply chain.

It comes as no surprise that another focal point of CISA is the impending rollout of the 5G networks. But with the advantages of 5G come the downsides: namely, security risks, as there are greater opportunities for our adversaries (like China) to gain access to our networks and for insecure technology to gain outsized market share. To defend against these threats, CISA has been coordinating with the Department of State, the Department of Commerce, the Federal Communications Commission, and the White House. This collaboration has been necessary to determine risk mitigation strategies, such as mandating that all 5G technology be interoperable, or banning some technology providers (i.e. Huawei).

But what about election security? Wasn’t that the driving force in standing up CISA? CISA is working to expand upon the relationships with state and local election officials and voting machine vendors that emerged from the 2018 midterm elections. DHS now recognizes elections as a part of our CI, so engagements with these partners has been paramount to understanding how they operate. Collaboration between state and local election officials and the federal government is a major factor in incentivizing the patching of election systems and helping CISA achieve its goal of 100 percent auditability by 2020.

DHS has proven itself a leader among government institutions by launching CISA to specifically focus on emerging cyber threats. With this leadership comes the responsibility to continually integrate and coordinate with the private sector to ensure secure and sustainable partnerships. Connecting these entities will inform both CI decision-making, as well as provide viable pathways for future innovation and intelligence sharing.

Gen. Francis Taylor served as undersecretary for intelligence and analysis at the Department of Homeland Security and as assistant secretary for diplomatic security at the Department of State. He is now a senior adviser with Cambridge Global.