9/11 + 7: Taking stockDHS: Progress and priorities, II

Since it was created five-and-a-half years ago, DHS, by fits and starts — and some false starts — has made significant progress in protecting the United States. Yesterday we discussed how the department has made progress in protecting the United States from dangerous people and goods. In this installment we discuss the strides the department made in protecting the U.S. critical infrastructure, strengthen emergency response, and unifying department operations.

Protecting ritical infrastructure

One of DHS’s main responsibilities is the protection of critical infrastructure and key resources, essential government operations, public health and welfare, and the U.S. economic and national security interests. To do so, it works with private industry, which owns and operates roughly 85 percent of the nation’s critical infrastructure.

• Setting chemical security standards: The National Protection and Programs Directorate (NPPD) established national standards for chemical facility security in a comprehensive set of regulations to protect chemical facilities from attack and prevent theft of chemicals that could be used as weapons.
• Protecting the U.S. federal networks: In January 2008 President George Bush approved a new directive on cybersecurity policy. The president’s classified directive establishes the policy, strategy, and guidelines to secure federal systems. The directive provides a comprehensive approach that anticipates future cyber threats and technologies and requires the federal government to integrate many of its technical and organizational capabilities to better address sophisticated threats and vulnerabilities. DHS is leading many cybersecurity efforts under the Comprehensive National Cybersecurity Initiative, including the establishment and operation of a National Cyber Security Center (NCSC), a collaborative organization comprised of government agencies that will act like a hub for federal interagency information sharing. The mission of the NCSC is to detect, protect, analyze, and distribute data related to threats on federal government networks.
• Increasing cyber security: DHS has established the Computer Emergency Readiness Team (US-CERT) to provide a 24-hour watch, warning, and response operations center, which in 2007 issued over 200 actionable alerts on cyber security vulnerabilities or incidents. US-CERT developed the EINSTEIN intrusion detection program, which collects, analyzes, and shares computer security information across the federal civilian government.  EINSTEIN is currently deployed at fifteen federal agencies, including DHS, and plans are in place to expand the program to all federal departments and agencies. In addition, the Secret Service currently maintains 24 Electronic Crimes Task Forces to prevent, detect, mitigate and aggressively investigate cyber attacks on our nation’s financial and critical infrastructures.
• Greater information sharing: The Office of Intelligence and Analysis (I&A) leads DHS efforts to