By Erin Meehan

The U.S. Department of Homeland Security provides collaborative partnerships and information-sharing resources to improve the cybersecurity posture of state, local, tribal, and territorial governments.

Print This Post Print This Post

VIA20.1_cover_winter2015-16

Every day there are new stories about the latest victims of data breaches and identity theft and of information-technology (IT) systems crippled by cyber-attacks. Private citizens, businesses, and government organizations are all at risk of falling under attack. Across the U.S., state and local governments are focusing their efforts on mitigating cyber-threats to their IT systems and data.

In February 2014, the Commonwealth of Virginia and Gov. Terry McAuliffe created Cyber Virginia and the Virginia Cyber Security Commission. The commission’s mission is to bring together experts from the public and private sectors to develop recommendations that will help position Virginia as a leader in cybersecurity. In partnership with the Virginia technology councils, the commission created a series of town hall forums in different localities to introduce the public to the mission of the commission. These talks focused on a variety of cyber-topics, including best practices, federal and state programs, cyber-education, and cyber-crime.

The Department of Homeland Security’s Role in Cybersecurity

The Department of Homeland Security’s (DHS) Office of Cybersecurity and Communications takes the lead on cybersecurity, critical infrastructure security, and resilience. DHS engages the public, all levels of government, private sector, and international partners, to prepare for, prevent, and respond to cyber-incidents that could degrade or overwhelm U.S. strategic assets.

DHS is also responsible for helping to secure the “dot gov” domain, largely through its operational coordination mechanism, the National Cybersecurity and Communications Integration Center (NCCIC). The NCCIC is a 24/7 cyber-situational awareness, incident response, and management center where government, private sector, law enforcement, international, and intelligence community partners work together to detect, prevent, respond to, and mitigate threats to U.S. communications and information systems. Since its inception in 2009, the NCCIC has responded to over half a million incident reports and released more than 55,000 actionable cybersecurity alerts.

The NCCIC works in partnership with the FBI, U.S. Secret Service, and other law enforcement entities for coordination, integration, and information-sharing related to domestic cyber-threat investigations. Further, the NCCIC, FBI, and Secret Service have developed joint standard operating procedures to ensure that outreach and response activities are coordinated on behalf of victims of cyber-crime and incidents.

State, Local, Tribal, and Territorial (SLTT) Government Engagement

DHS has long recognized that cybersecurity is a shared responsibility and that success depends on engagement with public and private sector partners. As such, the department’s cybersecurity engagement with strategic partners has expanded steadily since the department’s inception in 2003. DHS maintains a strategic partnership with the Multi-State Information Sharing and Analysis Center (MS-ISAC), which was created to improve the overall cybersecurity posture of state, local, tribal and territorial (SLTT) governments at all levels. Collaboration and information-sharing among members, private sector partners, and DHS are critical to success.

MS-ISAC provides direct cybersecurity monitoring services to member organizations, as well as general cybersecurity support to all SLTT entities. And through their 24/7 watch-and-warning security operations center, MS-ISAC provides real-time network monitoring and dissemination of early cyber-threat warnings, as well as vulnerability identification and mitigation to assist SLTT governments in addressing risks to their network. As the department moves towards automated indicator sharing, so will the MS-ISAC and its membership, so that the defense of our networks can keep pace with the speed of malicious actors.

DHS has recently initiated efforts to increase cybersecurity support to state and major urban-area fusion centers, which serve as focal points for the receipt, analysis, and sharing of threat-related information—including cyber-information—between the federal government, SLTT governments, and private sector stakeholders. DHS is partnered with the MS-ISAC to receive and process reports from fusion centers on suspected or confirmed cyber-incidents. This collaboration will allow agencies to more quickly evaluate information and track each incident for appropriate follow-up, based on severity. All 50 state homeland security advisors and 78 fusion centers participate in MS-ISAC programs.

DHS has significant cybersecurity capabilities and works collaboratively with all levels of government as well as the private sector to protect U.S. critical infrastructure. This collaborative approach is exemplified through the National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity. Recognizing that the national and economic security of the United States depends on the reliable functioning of critical infrastructure, the president issued Executive Order 13636, Improving Critical Infrastructure Cybersecurity, in February 2013. It directed NIST to work with stakeholders to develop a voluntary framework—based on existing standards, guidelines, and practices—for reducing cyber-risks to critical infrastructure. As a result of the same executive order, DHS partnered with the critical infrastructure community to establish a voluntary program to support increased security and resilience of the nation’s cyber infrastructure, through use of the cybersecurity framework. DHS’s Critical Infrastructure Cyber Community Voluntary Program (C3VP) is the coordination point within the federal government for critical infrastructure owners and operators interested in improving their cyber-risk management processes. The C3VP aligns existing programs and resources with the NIST framework core function areas (identify, protect, detect, respond, recover). Resources have also been broken out by stakeholder type (federal, SLTT governments, and businesses). This alignment demonstrates what DHS can offer to support the framework’s principles and reinforce cybersecurity risk management and resilience. The Commonwealth of Virginia, along with any of our nation’s SLTT governments, can use DHS resources to improve their cybersecurity posture and better identify, protect, detect, respond to, and recover from cyber-incidents.

Reprinted in part from The Police Chief, Vol. LXXXI, No. 2, online edition, 2014. Copyright held by the International Association of Chiefs of Police Inc., 44 Canal Center Plaza, Suite 200, Alexandria, Virginia, 22314. Further reproduction without express permission from IACP is strictly prohibited.

 

[1] For more information about the Virginia Cyber Security Commission, visit https://cyberva.virginia.gov/

[2] For more information about the NCCIC, see www.dhs.gov/about-national-cybersecurity-communications-integration-center.

[3] For more information on MS-ISAC, visit http://cisecurity.org.

[4] To read the NIST cybersecurity framework, visit www.nist.gov/cyberframework/.

[5] For more information about the DHS C3 Voluntary Program, visit www.us-cert.gov/ccubedvp.

[6] For more information about DHS cybersecurity resources and programs, visit www.dhs.gov/office-cybersecurity-and-communications.

Author Biography:

Erin Meehan is the program director of state, local, tribal, and territorial engagement in the U.S. Department of Homeland Security’s Office of Cybersecurity and Communications. In her role to help state and local governments strengthen their cybersecurity postures, Meehan has worked to build strong partnerships with the National Governors Association, the National Association of Counties, state chief information officers and chief information-security officers, and governors’ homeland security advisors.