Big Changes Ahead For DHS’s Cybersecurity And Infrastructure Security Agency

During a recent online briefing to vendors, The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) outlined a five year plan to increase in size, budget, and move to the cloud. Led by new assistant director for cybersecurity Bryan Ware, CISA will work aggressively to update protocols and tools that were put in place up to five or six years ago, prior to the government’s adoption of cloud computing and the rise in encrypted internet traffic.

Led by CISA and Science and Technology Directorate, the “Secure and Resilient Mobile Network Infrastructure Industry Day” invited private sector organizations and academic institutions to come together to come together for a virtual call in mid-May to learn about this new project and make appeals for project proposals. Attendees included Raytheon, Northrop Grumman, and Juniper Networks.

Ware says that compared to other sectors of government and commercial industry broadly, CISA is much behind on implementing these crucial updates. These changes don’t just include switching over to cloud use, but insuring increased security measures accompany that move. According to Martin Gross, associate director of capability delivery, they will take a hybrid cloud approach, meaning it will “be virtualized on site, using multiple vendors, off-site, commercial government.” Furthermore, he followed, there will be a shift in perspective to “Infrastructure-as-a-Service, Software-as-a-Service and Platform-as-a-Service.”

As CISA steps into its new role as the Quality Service Management Office for Cybersecurity Services¬¬¬ (QSMO), it will be serving as the storefront for all government agencies across the US bureaucracy to obtain commercial and non-commercial cloud and cybersecurity services. Ultimately, Ware says, the goal is for CISA to be buying these products and services unilaterally on behalf of the entire US government, in order to drive greater efficiency and standardization. As such, he expects that the agency will see an increase in power and visibility across government networks, in order to effectively provide a high level of cybersecurity. This will be reflected in significant increases in staff numbers and funding over the next few years.

While CISA is currently aiming to respond to cyber attacks related to COVID-19, Ware emphasized to attendees the exciting possibilities of partnering with CISA at a moment when they are laying important foundation for long-term, future-focused projects. He hopes for CISA to be “the agency that everybody wants to work with.”