Q&A: DHS Cybersecurity Chiefs Speak OutThe Department of Homeland Security aims to grow its cybersecurity workforce and technical capabilities, Phil Reitinger and Greg Schaffer say.
As the federal government continues to try to figure out ways to effectively manage cybersecurity, the Department of Homeland Security is gaining prominence as one of several major players in protecting government computer networks from attack.
At the center of the DHS' effort are the agency's cybersecurity top official, deputy undersecretary of the Department of Homeland Security for the National Protection and Programs Directorate and director of the National Cyber Security Center Phil Reitinger, and Greg Schaffer, assistant secretary of DHS' Office of Cybersecurity and Communications. InformationWeek recently spoke with them.
InformationWeek: I wanted to start by talking about your role, your goals and some of the things that are going on there right now.
Reitinger: Cybersecurity always has been and always will be a distributed effort. If people want to say, well, there's a single locus of cybersecurity and anything and everything will be handled from one point, I say, dream on. We want to build cybersecurity into the DNA of the infrastructure, into the DNA of the businesses, into the DNA of all the government entities.
Our role is to work to bring one team, one fight from DHS to address cybersecurity, to work with partners to help enable progress across dot gov, and particularly with the Cybersecurity Coordinator when appointed.
The top priorities I'm focused on, are, one, building capability. That's primarily about people. I have some awesome people here at DHS; we have a great team, but we just don't have enough of them yet, and we're in strict competition with the private sector to get the best and brightest to work on these issues. I'm a firm believer that organizations succeed or fail based on the people you have.
Second is building partnerships. There are people with responsibilities across the organization, across the federal government and across the private sector, and we've got to continue to work on the right way to build a partnership among those entities. We're defining our partnership models, making sure they're as efficient as possible, that they let the private sector work effectively with us and as one, and we're starting the process of developing a national cyberincident response process that will enable all of the entities across government and the private sector to work together as one nation to respond to cybersecurity emergencies.
The third is addressing the ecosystem of the future, making sure that we're building the Internet and the cyberinfrastructure of the future that will have the foundations of a more secure tomorrow. There are a number of things that go into that.
1 of 3