DHS and Cyberpower
Over the next few entries, I am going to examine how various US government agencies address the issue of cyberpower, starting with DHS. In Eric Lausten’s blog, he breaks down the National Strategy for Homeland Security which was issued earlier this month. This topic is closely reverent to my paper as well as Eric’s.
The only direct reference to cyberspace in the NSHS is a side bar titled “Cyber Security: A special Consideration on page 28. It reads:
Many of the Nation’s essential and emergency services, as well as our critical infrastructure, rely on the uninterrupted use of the Internet and the communications systems, data, monitoring, and control systems that comprise our cyber infrastructure. A cyber attack could be debilitating to our highly interdependent CI/KR and ultimately to our economy and national security.A variety of actors threaten the security of our cyber infrastructure. Terrorists increasingly exploit the Internet to communicate, proselytize, recruit, raise funds, and conduct training and operational planning. Hostile foreign governments have the technical and financial resources to support advanced network exploitation and launch attacks on the informational and physical elements of our cyber infrastructure. Criminal hackers threaten our Nation’s economy and the personal information of our citizens, and they also could pose a threat if wittingly or unwittingly recruited by foreign intelligence or terrorist groups. Our cyber networks also remain vulnerable to natural disasters.
In order to secure our cyber infrastructure against these man-made and natural threats, our Federal, State, and local governments, along with the private sector, are working together to prevent damage to, and the unauthorized use and exploitation of, our cyber systems. We also are enhancing our ability and procedures to respond in the event of an attack or major cyber incident. The National Strategy to Secure Cyberspace and the NIPP’s Cross-Sector Cyber Security plan are guiding our efforts.
In a sidebar on the previous page, the document lays out the “17 sectors of critical infrastructure”. Reading through this list with the intent of finding references to cyberspace in the document, I identified 9 of the 17 sectors as those affected by the Internet. With such a high proportion of the sectors involved, I expected the document to address cyberspace in a more comprehensive manner.
At the same time, I think DHS has a good concept of its role as an instrument of cyberpower. Homeland Security is essentially playing defense when it comes to cyberpower, using its resources to protect cyber infrastructure targets and identify vulnerabilities. I find it curious that the sidebar’s sentence about terrorism talks about the “command and control” and “information operations” aspects of terrorism and cyberspace. I see the kinds of actions taken to counter these two kinds of cyberspace operations more in the purview of the justice or Defense Departments. Over the next few entries, I will seek to see if the relevant documents from those organizations meet my expectations in that regard.