DHS still waiting on NPPD reorg
It's Critical Infrastructure Month, but DHS cybersecurity officials are wondering about the status of the agency's plan to integrate its cybersecurity division with its infrastructure protection duties.
The Department of Homeland Security's plan to reorganize and rename the National Protection and Programs Directorate is still stuck on Capitol Hill, according to one of NPPD's top officials.
When asked about the status of the plan at a Nov. 2 conference, Phyllis Schneck, deputy undersecretary for cybersecurity and communications at NPPD, said, "I wish I knew."
She and other DHS officials have been trying to keep the reorganization's profile high on Congress' agenda for the past few months.
The reorganization would rename NPPD as the Cybersecurity and Infrastructure Protection Agency and bind cyber and physical security capabilities more closely to better reflect the links between security threats.
In mid-October, DHS Secretary Jeh Johnson told the Critical Infrastructure Partnership Advisory Council that the reorganization should be at the top of the next Congress' list of priorities.
At the same meeting, NPPD Undersecretary Suzanne Spaulding said the reorganization would position the new cyber hub as an operational component at DHS rather than simply a headquarters agency. The new organization could then go beyond policy guidance to provide specific, results-oriented advice.
In her remarks at the Homeland Security Week conference on Nov. 2, Schneck said October and November mark a particularly interesting time for DHS, cybersecurity and critical infrastructure.
In October -- DHS' designated Cybersecurity Month -- the agency highlights the importance of basic cybersecurity practices and awareness. November is Critical Infrastructure Security and Resilience Month, when DHS highlights relevant best practices and awareness.
And Nov. 8, of course, is Election Day. Although the nation's voting systems are not currently designated as critical infrastructure, Johnson raised that possibility in August after hackers targeted Democratic National Committee systems and state voter databases. The majority of states have asked DHS to scan their election systems for vulnerabilities, but several state officials have publicly objected to any formal DHS oversight.
In a Nov. 2 blog post about this month's emphasis on critical infrastructure, Spaulding said officials at NPPD and other DHS components -- such as the Federal Emergency Management Agency, Transportation Security Administration and Coast Guard -- "are on the frontlines securing and protecting critical infrastructure each and every day throughout the nation."
This year, Critical Infrastructure Security and Resilience Month will focus on the sector's increasing reliance on web-enabled systems, she said.
NEXT STORY: The Dark Web Isn’t All Dark