Creating DHS involved reorganizing agencies based on their technology resources and workforce expertise into a super-agency capable of mounting operations against terrorism.
President George W. Bush signs the bill founding the Department of Homeland Security into law.
When President George W. Bush signed the Homeland Security Act in 2002, government IT leaders and policymakers went to work on a grand plan to transform a hodgepodge of select civilian agencies into an IT-powered defensive force.
Creating the Department of Homeland Security involved reorganizing agencies based on their technology resources and workforce expertise into a super-agency capable of mounting operations against terrorism, an effort that would ultimately absorb 22 agencies and 170,000 federal workers at an annual cost of $37.2 billion.
An early qualification for participating agencies was having the tools and capabilities to help build a strong backbone for nationwide sharing of information and services. DHS officials, for example, explored using the U.S. Customs Service's Automated Commercial Environment to connect agencies via unified networking features.
ACE was designed to put Customs' systems on one network that linked entry points at U.S. borders and ports. It provided a way to strengthening border security by improving the collection, sharing and processing of $1 trillion in annual imports and exports.
Those features made ACE a candidate for use in a Transportation Security Administration project designed to screen passenger lists and manifests from international flights for irregularities.
As tools like those expanded to fill in gaps in the federal government's defensive perimeter, DHS' cybersecurity war chest grew with it.
The Einstein program, established in 2004, was an early intrusion-detection system that monitored agency network gateways for unauthorized traffic. A second version, developed with the U.S. Computer Emergency Readiness Team, helped collect traffic flow in real time and scanned it for malicious code.
Einstein gave way to more sophisticated security tools that are being used to the present day to manage federal networks, including DHS' Continuous Diagnostics and Mitigation (CDM) program.
With more sensor capacity, automated data collection and managed risk alerts, the CDM program has equipped agency network managers with dashboards that flag and prioritize the seriousness of threats based on a risk-scoring system.
The concentration of tools and policies gave DHS the ability to rise to several recent challenges, including the Federal Risk and Authorization Management Program for cloud security and a "cyber sprint" ordered by U.S. CIO Tony Scott after the massive Office of Personnel Management data breaches in 2015.
NEXT STORY: Hackers storm DOD networks