Defending DHS as a Cybersecurity Leader

Mark Weatherford on DHS's Growing Sway over Infosec Policy

By , January 27, 2013.
Defending DHS as a Cybersecurity Leader

The top Department of Homeland Security policymaker focused exclusively on cybersecurity, Mark Weatherford, defends DHS's ability to take a leading role in safeguarding civilian agencies and key national IT systems. His viewpoint challenges questions raised about the department's capabilities by critics such as Sen. John McCain.

See Also: OPM Breach Aftermath: How Your Agency Can Improve on Breach Prevention Programs

"With all due respect to the good senator, and you know he is one of my heroes, there was probably a point in time where DHS probably wasn't the place where you would think that the cyber talent and the cyber [defense] should be, but that has changed," Weatherford says in an interview with Information Security Media Group's GovInfoSecurity. "We are more mature now. We are developing the talent. We have the chops to do this, and we are proving it on a daily basis."

McCain, R-Ariz., is a leading critic in Congress on giving DHS more sway over coordinating cybersecurity among federal civilian agencies and the private sector, responsibilities being advanced by the Obama administration and Democratic lawmakers. Last year, in debating cybersecurity legislation, McCain said in a Senate floor speech: "I think I speak for many when I question the logic of putting this agency in charge of sensitive national security matters. They can't even screen airline passengers without constant controversy."

Recruiting Top Talent

But Weatherford suggests McCain's assessments of DHS's capabilities are outdated, and he hears of a growing confidence in the department's ability to lead cyber-defense for the civilian part of the government and the nation. Since becoming deputy undersecretary in the fall 2011, Weatherford has been recruiting some of the top cybersecurity talent from other parts of the federal government to strengthen DHS's IT security abilities [see Building DHS's All-Star Cybersecurity Team].

"I've been very pleasantly surprised at the skill that we're able to attract here at DHS ... we've matured so much in the past year," Weatherford says. "We weren't even on people's roadmap; we weren't in people's vision a year ago. Now, people know and are beginning to understand better what the mission of the Department of Homeland Security is in the cyber-arena and that they can actually come here and do some pretty dang interesting stuff. Not to toot our horn too much, but we're attracting some of the best talent out of some of the other civilian federal agencies that I'm pretty satisfied with. It's causing some consternation in other organizations sometimes, but we're having a lot of success with that."

Among the talent Weatherford has attracted to DHS include John Streufert, who as State Department chief information security officer rolled out a continuous monitoring program that's credited with reducing IT vulnerabilities. Streufert, as DHS director of federal network resilience, is helping other agencies deploy continuous monitoring [see Continuous Monitoring and the Cloud].

Other recruits taking top DHS cybersecurity posts include Rosemary Wench, a seasoned Defense Department information operations director, as the main DHS contact with the National Security Agency [see DHS Fills Senior Cybersecurity Post]; and former Energy Department Chief Information Officer Michael Locatis as assistant secretary for the Office of Cybersecurity and Communications [see DHS Taps Energy CIO for Senior Infosec Post]. DHS announced earlier this month that Locatis is leaving that job.

Changing Perceptions

Still, the perception of DHS strengthening its cybersecurity leadership role is growing, Weatherford says.

"The number of phone calls, the number of interactions that we're getting from the private sector on a daily basis has increased almost exponentially off the charts in the past year, and that is because people trust us to do what we're doing," Weatherford says. "When you think about it, we are the Department of Homeland Security. Our job is working with the private sector, the civilian organizations in the private sector across the country to help manage and secure their infrastructure. ... That is our mission to do that. We have matured an awful long way and I don't, quite frankly, think there is anybody that does doubt this capability."

Follow Eric Chabrow on Twitter: @GovInfoSecurity

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE St. Louis Fed Confirms DNS Hijacking

The Federal Reserve Bank of St. Louis says its DNS settings were hacked, and visitors redirected to...

Latest Tweets and Mentions

ARTICLE St. Louis Fed Confirms DNS Hijacking

The Federal Reserve Bank of St. Louis says its DNS settings were hacked, and visitors redirected to...

The ISMG Network