The Department of Homeland Security (DHS) and its components are making progress in improving communication and information sharing around cyber security activities, although more actions can be taken to improve cyber mission coordination, according to a new report by the department’s Office of Inspector General (IG).
Some of the positive steps taken by DHS in the cyber realm include the Secret Service (USSS) assigning a full-time agent to the department’s round-the-clock cyber watch center, the National Cybersecurity and Communications Integration Center, or NCCIC, and Immigration and Customs Enforcement (ICE) assigning two full-time agents to the center, the new report said. ICE has also assigned fulltime agents to the staff of DHS’s National Protection and Programs Directorate (NPPD) and the Office of Policy’s Cyber, Infrastructure, and Resilience (CIR) Division, which was established in December 2014 to “improve information sharing and collaboration across the department, and reduce any duplication of efforts by the components in the performance of their cyber missions,” said the IG report, DHS Can Strengthen Its Cyber Mission Coordination Efforts (OIG-15-140).
“These efforts have helped improve the levels of collaboration among ICE, NPPD, and USSS regarding investigation and response to cyber incidents,” the IG said.
Other positive steps include interagency collaboration on cyber theft investigations and weekly meetings of agency and staff representatives on various cyber security information sharing issues, the report said.
On the other hand, there are actions that should be taken to improve cyber mission capabilities such as a cyber training program for its investigators and analysts at ICE, NPPD and USSS to obtain better skills, and there needs to be automated sharing of information to improve coordination among the agencies, the IG said.
The report also said that the CIR division needs to develop a cyber strategic implementation plan, something that hasn’t been done yet because of the relative newness of the office and insufficient staff.
“ICE, NPPD, and USSS cyber personnel do not have a clear understanding of each other’s responsibilities and operational and investigative capabilities as needed to effectively coordinate and collaborate to fulfill DHS’ cyber mission,” the report said. It added that “This lack of understanding has led to conflicts regarding assignments and response to incidents.” In some cases, incidents have been referred to the wrong DHS components, the IG said.
The report made nine recommendations to DHS in the report, all of which the department concurs with and some of which have been resolved, the IG said.