DHS division to push cybersecurity efforts

The Bush administration created a new organization to improve security across the federal government and work with industry

National Cyber Security Division

The Bush administration last week created a new organization to improve security across the federal government and work with industry to secure the nation's major networks.

The National Cyber Security Division, part of the Infrastructure Protection Office at the Homeland Security Department, will be dedicated to following through on the priorities laid out in the National Strategy to Secure Cyberspace released by the administration in February.

The division will not only develop cybersecurity plans, but also ensure they are carried out, officials said last week.

The division "is intended to be the implementation arm of that strategy," said Robert Liscouski, assistant secretary for infrastructure protection, who will oversee the division. "Great thought without action is just that — thought."

"This is an incredibly important step that DHS is taking today," said Paul Kurtz, director of the critical infrastructure protection directorate under the White House's Homeland Security Council.

Among the division's top priorities is creation of a consolidated Cyber Security Tracking, Analysis and Response Center.

Liscouski said the center will take on a task the Federal Computer Incident Response Center had been working on: finding a way to correlate attacks happening across multiple networks. The division will also support OMB's information security improvement efforts.

Other units within the division will focus on many issues, including identifying and reducing the vulnerabilities in government networks, working with the private sector on vulnerabilities in networks and commercial products, and coordinating and supporting education and awareness campaigns for all citizens.

Many in government and industry criticized the Bush administration for disbanding the previous central point of contact, the Critical Infrastructure Protection Board, which developed the national cyber strategy.

So far industry is encouraged by the creation of the new division. There are still some concerns that the division and its director are not high enough on the DHS totem pole, but "if the organization were placed anywhere but where it is, it would be dysfunctional," Liscouski said.

And the discussions between Liscouski and industry seem to have pleased at least some of the doubters.

"The fact that Liscouski has agreed to build an organization under him that coordinates the cybersecurity activities of the various offices within DHS and other agencies, and serves as the central point of contact for the private sector, shows his resolve to address cybersecurity challenges head-on," Harris Miller, president of the Information Technology Association of America, said in a statement.

***

Something old, something new

The following offices, which were folded into the Homeland Security Department, are now part of the National Cyber Security Division:

* Critical Infrastructure Assurance Office.

* National Infrastructure Protection Center.

* Federal Computer Incident Response Center.

* National Communications System.