Digital Version of November/December 2014 Print Edition
DHS inspector general wants improvements in cyber incident info-sharing
The Office of the Inspector General at DHS has taken a look at how well the National Cybersecurity and Communications Integration Center is doing in coordinating the dissemination of information among five separate federal cyber operations centers and has developed a roster of recommendations for improving such information sharing.
In a report it issued on November 4, the OIG has suggested that “DHS must procure cyber tools and technologies to improve its situational awareness efforts.”
“In addition, it needs to work with its cyber operations center partners to develop a standard set of cyber incident reporting categories,” the report notes.
The National Cybersecurity and Communications Integration Center (NCCIC) is responsible for integrating cyber threat information and working with these five centers in responding to cyber security incidents that might pose a threat to the nation.
The inspector general’s office made seven recommendations to the acting under secretary of DHS for its National Protection and Programs Directorate: (1) develop tools to enhance incident management and analytical capabilities, (2) help develop a new standard set of incident categories, (3) boost staffing, (4) work with office of intelligence and analysis to augment the number of available analysts, (5) revise the training and exercise plan, (6) update the NPPD continuity of operations plan, and (7) finalize continuity of operations plans for the Office of Cybersecurity and Communications.
The National Protection and Programs Directorate agreed with the OIG’s seven recommendations, said the report, and is taking actions to address them.