Don't expect a miracle from cybersecurity strategy, DHS says

An official with the Homeland Security Department's National Protection and Programs Directorate says the government doesn't need a new cybersecurity strategy.

People shouldn’t expect miracles from cybersecurity strategy, according to a senior cybersecurity official with the Homeland Security Department.

“Anything that includes the phrase ‘and then a miracle happens,’ is not a strategy,” Philip Reitinger, deputy undersecretary of DHS’ National Protection and Programs Directorate, said July 27 at a conference in Washington.

Reitinger said it’s important that the government continue to focus on evolving its computer security strategy and putting it in place, rather than starting over.


Related story

DHS struggles to define its cybersecurity mission


“We don’t need a new strategy; we need to evolve our strategy and focus on implementation, we need to make a difference now, day to day, week to week, month to month and year to year,” he said during a panel discussion at the conference sponsored by the Commerce Department.

Reitinger said a broader use of privacy-enhancing authentication, building interoperability into systems and increasing automation so officials can respond faster would make a difference in computer security.

DHS plays a prominent role in the government's overall cybersecurity strategy. The department is responsible for securing the .gov domain used by civilian federal agencies and has responsibilities for interacting with industry and protecting critical infrastructure.