WASHINGTON, DC - The
Department of Homeland Security (DHS) hosted the first-of-its-kind National
Cybersecurity Summit in New York City, bringing together industry partners and
top federal officials with the goal of laying out a vision for a collective
defense strategy to protect our nation’s critical infrastructure. According to the Department, the summit
brought together Vice President Mike Pence, Secretary Kirstjen M. Nielsen,
Secretary of Energy Rick Perry, Federal Bureau of Investigation Director
Christopher Wray, and Commander, US Cyber Command and Director, National
Security Agency General Paul M. Nakasone, DHS Under Secretary Chris Krebs, US Secret Service Director Randolph Alles, and DHS Assistant Secretary Jeanette
Manfra, alongside top CEOs from across industry including the telecom,
financial, and energy sectors.
“We are not waiting for the next
intrusion before we act,” said DHS Secretary Kirstjen Nielsen. “We are taking a
clear-eyed look at the threat and taking action—and notably—collective action
to combat them.”
Throughout the Summit, DHS and
its government and industry partners agreed on a series of concrete steps to
better understand what is truly critical and work together to reduce strategic
risk.
Secretary Nielsen announced the
creation of the National Risk Management Center, which will coordinate national
efforts to protect the nation’s critical infrastructure.
The National Risk Management
Center will create a cross-cutting risk management approach across the federal
government and our private sector partners through three lines of effort:
Identifying and prioritizing
strategic risks to national critical functions;
Integrating government and
industry activities on the development of risk management strategies; and
Synchronizing operational risk
management activities across industry and government.
The National Risk Management Center
advances the ongoing work of DHS and government and private sector partners to
move collaborative efforts beyond information sharing and develop a common
understanding of risk and joint action plans to ensure our nation’s most
critical services and functions continue
uninterrupted in a constantly evolving threat environment. The Center
will work closely with the National Cybersecurity and Communications
Integration Center (NCCIC), which will remain DHS’s central hub for cyber
operations focused on threat indicator sharing, technical analysis and
assessment services, and incident response. The two centers will work
hand-in-hand to ensure effective coordination between strategic risk management
and tactical operations.
The Department also unveiled the
formation of the Information and Communications (ICT) Supply Chain Risk
Management Task Force, which will be comprised of subject matter experts from
industry and government. The Task Force will be housed in the Center and will
examine and develop recommendations for actions to address key strategic
challenges to identifying and managing risk associated with the global
information and communications technology supply chain and related third-party
risk. The Task Force is intended to focus on potential near- and long-term
solutions to manage strategic risks through policy initiatives and
opportunities for innovative public-private partnership.
Secretary Nielsen also discussed
DHS’ ongoing commitment to improving the nation’s cybersecurity posture through
the timely sharing of actionable cyber threat indicators via the free Automated
Information Sharing (AIS) program. DHS has prioritized working with industry to
identify improvements to AIS and will roll out an updated platform in the fall
with upgraded capabilities to improve our collective defense. These
improvements are based on feedback received from industry and will include
additional context and improved feedback mechanisms to be more relevant and
meaningful to users.
In his closing keynote address,
Vice President Pence highlighted the Administration’s focus on cybersecurity
and the critical role this summit played in moving forward with these efforts.
Vice President Pence also called on the U.S. Senate to enact legislation to
create the Cybersecurity and Infrastructure Security Agency before the end of
the year.
At the summit, a diverse group of
more than twenty CEOs from some of the largest companies in the world and
senior-most government officials convened specifically to discuss cybersecurity
and critical infrastructure risk management. They were joined by hundreds of
others from across a wide range of industries. The Department will continue to
lead the federal government’s efforts for an integrated, cross-sector approach
to protect our nation’s critical infrastructure from the growing cyber threat.