DHS Security Operations Center: watching the agency’s networks

The Homeland Security Department’s efforts to protect the nation’s cyber assets are mostly well-known. US-CERT is just one example of an organization within DHS working on cybersecurity.

Less well-known is the internal operation that protects DHS’s own networks. Alma Cole heads that effort, known as the Security Operations Center (SOC).

“We are the DHS internal-facing, continuous-monitoring, incident-response team,” Alma told me today. “Customs and Border Protection…is the steward for the DHS OneNet network, as well as DHS’s two Trusted Internet Connections. We are responsible for monitoring the security of both the wide-area network for DHS, as well as all of the Internet gateways.”

Alma and I talked about the efforts to keep DHS networks – and those of the component agencies – safe from intrusion and compromise, and the technology needed to do the job. We also talked about the workforce he leads, and how to build the pool of qualified cyber pros, both now and in the future.