94 days and counting: DHS chief outlines his final to-do list

With less than 100 days until he plans to leave the Homeland Security Department, Secretary Jeh Johnson said he has a few major items left on his to-do list.

“My goal in office for my 37 months — and it will be 37 months, 94 days from now — is to build a better department and to leave this place better than I found it, in addition to defending the homeland,” Johnson said during the keynote speech at an Oct. 18 Critical Infrastructure Partnership Advisory Council (CIPAC) meeting in Arlington, Va.

Cybersecurity, namely, remains a priority for Johnson, as the department will play a major role in helping state and local partners prepare their systems for the upcoming election and also has a few congressional deadlines to meet before the year ends.

Federal employee bill tracker: How pending legislation could affect your bottom line

About 75 percent of civilian agencies have adopted EINSTEIN 3A cyber tools so far.  And Johnson said DHS will meet the congressional deadline to install EINSTEIN tools at all agencies by Dec. 18.

Advertisement

“We have a lot of departments and agencies signed up now,” he said. “A few more that were not signed up just agreed to get signed up in last couple of weeks, so I believe that we will get there.”

EINSTEIN 3A has blocked more than 1 million efforts so far, Johnson said. The department is also adding a new cyber risk scoring system to the tool.

And as anxiety grows over the possibility of cyber attacks on state and local election systems, DHS has not officially declared the nation’s election system — or the individual systems that 9,000 local and state jurisdictions use to collect, tally and report votes — as critical infrastructure.

But Johnson said about 36 states have approached DHS so far and asked for help with their election system cybersecurity.

“A number [of states] now are getting vulnerability assessments, scanning from the Department of Homeland Security for their cybersecurity,” Johnson said. “I’m very pleased with the level of partnership and cooperation with state and local election officials in the run up to Nov. 8.”

The department has improved its ability to share information with other federal, state and local agencies, in addition to private sector companies, Johnson said.

“In my view, and this is one of the reasons I wanted to be here, sharing information with the people in this room is one of our most important homeland security missions, given where we are in the global terrorist threat,” he said.

For example, DHS has cleared about 2,000 private sector partners and is working to give them access to the department’s fusion centers as another avenue for information sharing, said Caitlin Durkovich, assistant secretary for infrastructure protection.

To that end, the department is also transferring more personnel from headquarters to offices in the field to help DHS more easily transmit information beyond the Beltway and to its partners across the country.

“Our customers, owners and operators of critical infrastructure, are not largely here in the Beltway, but they are around the country,” Durkovich said. “[There’s] this need for us to continue to make sure that we have the right balance of resources.”

DHS started its “enhanced regionalization” initiative to look where the country’s most critical infrastructures are and to push its resources to those areas. The department will move nearly 150 employees from headquarters to the field. DHS started that program this summer, when it hired 10 regional directors to head up field offices, Durkovich said.

Yet some initiatives are largely out of his hands, Johnson said, and instead sit with Congress.

He’s still pushing Congress to allow the department to realign and re-organize the National Protection and Programs Directorate.

“We believe that there should be a close alignment between cybersecurity and infrastructure protection,” he said. “We want to build an agency within the Homeland Security Department focused on those two missions and only on those two missions.”

The goal of NPPD realignment is to recognize the cybersecurity professionals as their own, operational component within the department.

“[It’s] an operational resource, which will get us more fully and consistently into those outcome conversations,” said Suzanne Spaulding, undersecretary for the NPPD. “Because those conversations are pulling in all of the operational resources that are available for the government and the private sector to talk about how we achieve certain outcomes. We are still too often viewed as a headquarters component to engage in policy discussions.”

In addition, Johnson is encouraging Congress to officially authorize a relatively recent structure he put in place to better communicate and streamline border patrol activities across the country.

To better coordinate border security across the country, Johnson established three main entities to lead regional efforts, which are modeled after the military’s combatant commands. A Coast Guard three-star admiral leads border security for Joint Task Force East and a three-star border patrol leader heads up Joint Task Force West. Both leaders coordinate DHS resources to their respective regions.

The Investigations Joint Task Force supports the two regional organizations.

“It’s a little like SOCOM supporting the geographic combatant commands in the Department of Defense,” Johnson said. “This is the wave of the future for our department. I’d like Congress to explicitly authorize this. There’s legislation pending now to do that, and I hope it actually happens, if not this year then next year. This is what we need to do and this is the direction that we need to continue to move in.”