DHS Releases New Cybersecurity Policy to Meet Rising Threats
The DHS report warns of nation-states that continue to present a considerable cyber threat. However, non-state actors are emerging as well with capabilities that match those of sophisticated nation-states.
WASHINGTON — The U.S. Department of Homeland Security (DHS) has released a new national strategy to identify and manage national cybersecurity risks, with the goal to better assess them and reduce vulnerabilities.
“The cyber threat landscape is shifting in real-time, and we have reached a historic turning point,” DHS Secretary Kirstjen Nielsen said in a statement. “It is clear that our cyber adversaries can now threaten the very fabric of our republic itself.”
The May 15 announcement comes amid concerns about the security of the 2018 U.S. midterm congressional elections and numerous high-profile hacking of U.S. companies.
“The United States faces threats from a growing set of sophisticated malicious actors who seek to exploit cyberspace. Motivations include espionage, political and ideological interests, and financial gain,” according to the 35-page report. “Nation-states continue to present a considerable cyber threat. But non-state actors are emerging with capabilities that match those of sophisticated nation-states.”
The report goes on to say that criminal actors are increasingly empowered by modern information and communications technologies that enable them to grow in sophistication and transnational reach.
The report continues: “Transnational criminal organizations also increasingly collaborate through cyberspace. Complicating the threat picture, nation-states are increasingly using proxies and other techniques that blur the distinction between state and non-state cyber activities. In a number of cases, malicious actors engaged in significant criminal cyber activity appear to have both criminal and nation-state affiliations.”
The report states that by 2020 more than 20 billion devices are expected to be connected to the internet. “The risks introduced by the growing number and variety of such devices are substantial,” it says.
Nielsen says the government “must think beyond the defense of specific assets — and confront systemic risks that affect everyone from tech giants to homeowners.”
The report also noted the 2015 intrusion into a federal agency resulted in the compromise of personnel records of over 4 million federal employees and in total impacted nearly 22 million people.
The DHS report says the agency “must better align our existing law enforcement efforts and resources to address new and emerging challenges in cyberspace, to include the growing use of end-to-end encryption, anonymous networks, online marketplaces, and cryptocurrencies.”
In March, Nielsen says the department was prioritizing election cyber security above all other critical infrastructure it protects, such as the financial, energy and communications systems.
U.S. intelligence officials have repeatedly warned that Russia will attempt to meddle in the 2018 contests after doing so during the 2016 presidential campaign.
Nielsen says that more than half of U.S. states have signed up for the agency’s cyber scanning services, designed to detect potential weaknesses that could be targeted by hackers.
DHS says in 2016 that 21 states had experienced initial probing of their systems from Russian hackers in 2016 and that a small number of networks were compromised, but that there was no evidence any votes were actually altered.
The DHS has identified five pillars of a department-wide risk management approach, which you can view here.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!
Security Is Our Business, Too
For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add sales to your bottom line.
A free subscription to the #1 resource for the residential and commercial security industry will prove to be invaluable. Subscribe today!