DHS struggles to coordinate internal cyber responses

The Office of Inspector General says the Department of Homeland Security is struggling to keep its component agencies on the same page for communication and coo...

The Department of Homeland Security strengthened its coordination of cybersecurity missions but still struggles to keep its component agencies on the same page about threat responses, according to the Office of Inspector General.

In a new report, the OIG said DHS needs to develop both a departmentwide cyber strategy and a training security program to streamline its component agencies. The report also stated DHS needs to make “technical enhancements” to its IT systems and bring Immigration and Customs Enforcement and the Secret Service in to full compliance with IT security policies.

The IG ran the audit to test DHS and its component agencies for security response coordination on national issues and to determine how defined the cyber roles are for each agency. The audit found that along with vulnerabilities in information networks, websites and security program requirements, DHS needs to find ways to have agencies communicate and streamline key information and strategies.

Auditors found that ICE, the Secret Service and the National Protection and Programs Directorate (NPPD) don’t have “a clear understanding of each other’s responsibilities and operational and investigative capabilities” to coordinate which agency tackles what problem.

One example in the report showed that NPPD and USSS believed ICE was the point of contact for child exploitation cases and didn’t know its cyber-related responsibilities include money laundering and financial fraud.

The OIG found the misunderstanding led to conflicts with assignments and incident response. The IG recommended the Principal Deputy Assistant Secretary for Cyber Policy create a plan that defines each agency’s roles and monitor long-term goals, performance metrics and milestones to measure DHS’ progress for unifying coordination efforts.

While DHS’ component agencies took the initiative to start their own training programs for cyber-response, the efforts are decentralized and causing “duplicated costs” with too much emphasis on training only for forensics teams.

OIG directed the Principal Deputy Assistant Secretary for Cyber Policy to work with the chief human capital officer to build departmentwide training programs that include non-technical operators and agents.

The audit found DHS has no way to notify its agencies with real-time incident information since there is no centralized system. Senior officials from ICE, NPPD and the Secret Service all agreed that DHS needs a system, but stated the department doesn’t “have the infrastructure to support an enterprisewide system.”

The IG recommended DHS work with its component agencies to create an approach that acquires capabilities needed for a same-time enterprise system.

DHS agreed with all nine recommendations the OIG made, and so far, has resolved seven of them.

Despite citing its need to address coordination issues, the IG recognized DHS’ component agencies individual efforts to build stronger bridges for communication as an improvement, stating their efforts have “strengthened coordination in performing their cyber missions.”

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.

More from Federal News Radio: