11:47 AM
Connect Directly

Homeland Security, Defense Sign Cybersecurity Pact

The deal should improve collaboration between the agencies and, in particular, boost DHS' encryption and decryption capabilities.

Inside DHS' Classified Cyber-Coordination Headquarters
(click image for larger view)
Slideshow: Inside DHS' Classified Cyber-Coordination Headquarters
The Department of Homeland Security and Department of Defense, which together carry out much of the federal government's cybersecurity work, announced a pact Wednesday that aims to improve government defense of private, government, and military networks.

The five-page agreement, signed in late September by defense secretary Robert Gates and homeland security secretary Janet Napolitano, but made public only this week, creates a "framework" within which officials from DHS, DoD, the National Security Agency, and the military's new Cyber Command will work with one another on cyber-related issues. In the process, the deal increases formal ties in a relationship that, until now, has been largely ad hoc.

As part of the pact, a group of NSA cryptologic analysts will be embedded at the National Cybersecurity and Communications Center (DHS' cyber operations center) in Arlington, Va., and DHS will send Adm. Michael Brown, deputy assistant secretary of DHS for cyber security, with a support team of privacy and civil liberties personnel, to NSA's National Threat Operations Center and Cyber Command's headquarters at Fort Meade, Md. The organizations will also create a Joint Coordination Element under Brown at NSA headquarters to do joint operational planning and coordination.

While the agreement does nothing to add to or subtract from the responsibilities of any of the organizations involved, it could, in particular, improve DHS' capabilities to mitigate malware as part of its role to protect government networks and provide cybersecurity support to private companies, said Center for Strategic and International Studies senior fellow Jim Lewis.

"The easiest way to think about this is that malware has encrypted parts, and NSA is best equipped to crack the encryption, so we should give them that ability," Lewis said. "Getting them embedded in DHS will get the [National Cybersecurity and Communications Integration Center] to do a better job."

Embedding NSA officials within DHS is also likely a cheaper and quicker way to increase DHS' encryption capabilities than requiring DHS to ramp up its encryption skills on its own. Gates and Napolitano hinted at this in a joint statement, saying that one of the goals of the deal was to improve "economy and efficiency."

The relationship between DHS and NSA has not always been an easy one, and this deal could signal a bit of progress on that front. The March 2009 resignation letter of DHS' former cyber official Rod Beckstrom criticized the NSA's increasing involvement in cybersecurity, for example, and, while DHS has a primary responsibility over helping to protect critical infrastructure networks (think power plants, air traffic control systems, etc.), both NSA, via its Perfect Citizen project, and Cyber Command have demonstrated an interest in having an increased role there.

"This structure is designed to put the full weight of our combined capabilities and expertise behind every action taken to protect our vital cyber networks, without altering the authorities or oversight of our separate but complementary missions," Gates and Napolitano said in a joint statement. "We will improve economy and efficiency by better leveraging vital technologies and personnel to serve both Departments’ missions in full adherence to U.S. laws and regulation."

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2014-08-20
EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote authenticated users to bypass intended restrictions on resource access via unspecified vectors.

Published: 2014-08-20
Cross-site request forgery (CSRF) vulnerability in EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to hijack the authentication of arbitrary users.

Published: 2014-08-20
EMC RSA Archer GRC Platform 5.x before 5.5 SP1 allows remote attackers to trigger the download of arbitrary code, and consequently change the product's functionality, via unspecified vectors.

Published: 2014-08-20
Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop before 6.7 SP1 P28 and 6.7 SP2 before P14 allow remote attackers to inject arbitrary web script or HTML via the (1) startat or (2) entryId parameter.

Published: 2014-08-20
EMC Documentum D2 3.1 before P24, 3.1SP1 before P02, 4.0 before P11, 4.1 before P16, and 4.2 before P05 does not properly restrict tickets provided by D2GetAdminTicketMethod and D2RefreshCacheMethod, which allows remote authenticated users to gain privileges via a request for a superuser ticket.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Three interviews on critical embedded systems and security, recorded at Black Hat 2014 in Las Vegas.