At a cybersecurity summit Tuesday, Homeland Security secretary Kirstjen Nielsen announced the creation of the National Risk Management Center, which will focus on evaluating threats and defending US critical infrastructure against hacking. The center will focus on the energy, finance, and telecommunications sectors to start, and DHS will conduct a number of 90-day “sprints” throughout 2018 in an attempt to rapidly build out the center’s processes and capabilities.
“We are reorganizing ourselves for a new fight,” Nielsen said on Tuesday, who described the new center as a “focal point” for cybersecurity within the federal government. Nielsen also noted that DHS is working with members of Congress on organizational changes that can be mandated by law to improve DHS’s effectiveness and reach.
(Via Security Latest)
Based on the recent news from the Boston Globe about TSA wasting resources on zero value “security”, I am skeptical of how useful this will be in the U.S. Government’s security efforts. I seem to recall something similar was in the works over a decade ago.
However, Secretary Nelson seems to have said the right things in her talk:
- Risk-based approach
- Threat evaluation versus threat chasing
- Focused on specific critical industries
- Taking an agile development approach to building out capabilities
- Working with Congress
- Being the focal point for government
There are unanswered questions. We will get more answers as the process moves along.
I sincerely hope this isn’t another Security Theater opportunity to waste time and taxpayer resources.