homeland security

Commentary: Homeland Security makes the right moves to bolster our cybersecurity

By: Francis Taylor

This piece originally appeared in The Hill, August 2, 2019

If there is one thing that was learned from the 2016 presidential election, it is that protecting our election infrastructure cannot be only a passive decision. There is a need to be proactively assessing our environment to ensure that we are implementing the cybersecurity features that fortify our systems and, ultimately, our American democracy. This is where the Cybersecurity and Infrastructure Security Agency comes into full play.

The Cybersecurity and Infrastructure Security Agency was inaugurated in 2018 as a component within the Department of Homeland Security. Its primary objectives are to lead cybersecurity efforts across the federal government and to work with the critical infrastructure community to help protect their networks. But it was not conceptualized solely on the basis of Russian interference. The evolving concerns that the Cybersecurity and Infrastructure Security Agency plans to prioritize as it is now entering its second year include supply chain, 5G networks, and election security.

Standing up the Cybersecurity and Infrastructure Security Agency last fall, an effort that was started by the Obama administration but realized by President Trump, has signaled cybersecurity as a priority deserving of greater resources. Top Department of Homeland Security officials had been championing the decision, advocating that the creation of the Cybersecurity and Infrastructure Security Agency was necessary for streamlining its goals. It is able to act more independently, like how the Federal Emergency Management Agency operates, so barriers to decision making are eliminated, and responses are more efficient and successful.

Under the leadership of Chris Krebs, the Cybersecurity and Infrastructure Security Agency has initiated a solid roadmap outlining how it will fully mature its capabilities over the next two years. While it may appear to be acting similarly to an intelligence agency through its information sharing efforts, there is a major distinction in that it will operate transparently. This is a huge win for all its civilian, private sector, and government partners navigating the complex cybersecurity landscape.

The Cybersecurity and Infrastructure Security Agency understands that a majority of our cybersecurity infrastructure resides in the private sector and is committed to taking actions to counter threats that extend beyond government systems. This means it will work closely with cybersecurity infrastructure entities to understand what they themselves perceive to be the greatest risks to their systems. This not only improves the efficacy of solutions, but it helps achieve buy in, which greatly strengthens efforts.

Still, the Cybersecurity and Infrastructure Security Agency exhibits both form and function. There are new emerging cyberthreats that are rapidly changing and advancing, including the durability of the supply chain. Cybercriminals and foreign adversaries have demonstrated the ability to exploit vulnerabilities in the supply chain, gaining access to sensitive data. These perpetrators are acting strategically to disrupt our systems, and the Cybersecurity and Infrastructure Security Agency is expected to exercise collective defense to manage these risks and share actionable intelligence with important network defenders positioned to act on it.

One resource that the Cybersecurity and Infrastructure Security Agency now relies on is its Information and Communication Technologies Supply Chain Risk Management Task Force that is comprised of federal partners and dozens of the largest companies in the information technology and communications sectors. Its participants are crafting strong proposals to manage several weaknesses in the international technology supply chain.

It comes as no surprise that another focal point is 5G. However, with the advantages of 5G come the downsides, as there are greater opportunities for our adversaries such as China to gain access to our networks and for insecure technology to gain outsized market share. To defend against all these  new threats, the Cybersecurity and Infrastructure Security Agency coordinates with the Department of State, the Department of Commerce, the Federal Communications Commission, and the White House. This is necessary to determine risk mitigation strategies, such as mandating all 5G technology be interoperable, or banning some providers like Huawei.

But what about election security? Was that not the driving force in establishing the Cybersecurity and Infrastructure Security Agency? It is indeed working to expand upon the relationships with state and local election officials and voting machine vendors that emerged from the 2018 midterm elections. The Department of Homeland Security now finally recognizes elections as part of our cybersecurity infrastructure, and so engagements with these partners has been paramount to understanding how they operate. Collaboration between state and local election officials and the federal government is a major factor in incentivizing the patching of election systems and helping the Cybersecurity and Infrastructure Security Agency achieve its goal of 100 percent auditability by 2020.

The Department of Homeland Security is a proven government leader by launching the Cybersecurity and Infrastructure Security Agency to focus on emerging cyberthreats. With this leadership comes the responsibility to integrate and coordinate with the private sector to ensure secure and sustainable partnerships. Connecting these entities will inform decision making and provide pathways for innovation and intelligence sharing.

Francis Taylor served as undersecretary for intelligence and analysis at the Department of Homeland Security and as assistant secretary for diplomatic security at the Department of State now with Cambridge Global Advisors.

Press Release: CGA's Jake Braun Testifies Before U.S. House Homeland Security Committee

Washington, DC (February 13, 2019) - Today, Jake Braun, co-founder of the Voting Village at DEF CON -- the world’s largest and longest running hacker conference -- testified before the U.S. House Homeland Security Committee about the cybersecurity threats facing our nation’s elections infrastructure.  Citing DEF CON’s own groundbreaking research that it has conducted over the last two years in the aftermath of the Russian hacking during the 2016 elections, Braun’s testimony represented one of the first times DEF CON was invited to play a prominent role in informing and educating Washington lawmakers on issues of national security.

The testimony also represented a first foray into Washington for the University of Chicago’s Cyber Policy Initiative (CPI), launched last year at DEF CON 26 and currently led by Braun, who serves as its Executive Director. Housed within the Harris School at the University of Chicago, CPI serves as a forum through which hackers, technologists, academics, and the cyber research community can engage policy makers at all levels of government to strengthen our voting systems and our democracy.

“It’s an honor to be here on the Hill wearing both hats today,” said Braun. “Over the last two years, DEF CON has done cutting-edge research to expose and elevate the vulnerabilities in our voting systems -- and now CPI is playing a critical translator role, taking findings out of the ‘hacker’ world and explaining threats and solutions to lawmakers in policy terms, helping to tackle what’s become one of the biggest national security concerns of our time.”

In addition to highlighting the link between national security and protection of our nation’s election infrastructure, Braun highlighted specific vulnerabilities found by the DEF CON Voting Village demonstration, which represented the first public, third-party security assessment of voting machines.

Braun also added, “The attacks on our election infrastructure are not solely an election administration nuisance but rather a national security threat,” said Braun. “This is about our national security apparatus marshalling its resources to do what our nation expects it to do, which is protect our country from existential threats to the United States.”

The hearing, called by Representative Bennie G. Thompson (D-MS), sought to kick-off debate on H.R. 1, the For the People Act of 2019.  Braun was joined by notable election leaders including California Secretary of State Alex Padilla; former Cook County, Illinois, Director of Elections Noah Praetz; Alabama Secretary of State John Merrill; Christopher C. Krebs, Director, Cybersecurity and Infrastructure Security Agency, Department of Homeland Security; and Thomas Hicks, Chairman, U.S. Election Assistance Commission.

Additional Resources:

For a full video of the proceedings, please visit https://youtu.be/EXosdmRSsNA

For Braun’s full testimony, please visit: https://homeland.house.gov/sites/democrats.homeland.house.gov/files/documents/Testimony-Braun.pdf

For the full 2017 DEF CON report, please visit https://defcon.org/images/defcon-25/DEF CON 25 voting village report.pdf

For the full 2018 DEF CON report, please visit https://defcon.org/images/defcon-26/DEF CON 26 voting village report.pdf

###


Commentary: Energy Sector Cyber Threat Is Real; Greater Collaboration Is Part of the Answer

By: Christopher Burnham & Brian deVallance

This piece originally appeared in Homeland Security Today, October 9, 2018.

In June of 2017, when Wired magazine published a harrowing account of Russia’s hack of the Ukrainian electrical grid, it quickly generated broad discussion about the state of our nation’s cyber defense in the critical infrastructure (CI) sectors. But Washington is nearly 5,000 miles from Kiev, and Russia’s ability to take control of a Ukrainian power company through its IT helpdesk seemed even more remote.

Remote no longer. Dan Coats, the director of National Intelligence, recently testified before Congress that “the warning lights are blinking red again” and that “today the digital infrastructure that serves this country is literally under attack.” In March, the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) issued a joint alert of Russian cyber activity seeking to disrupt the energy and other CI sectors.

While much remains to be done, the U.S. is headed in the right direction on cyber. First, there is growing consensus about what constitutes basic cyber hygiene or cyber defense – for example, the Critical Security Controls from the nonprofit Center for Internet Security. In addition, following the release of the federal government’s National Security Strategy last December, the White House issued its new National Cyber Strategy in September.

Earlier this year the Department of Energy unveiled its new Office of Cybersecurity, Energy Security, and Emergency Response (CESER), and the Senate has confirmed cyber-savvy Karen Evans as the office’s first assistant secretary. Just last week, DOE announced $28 million in technologies intended to improve the cybersecurity of power and energy infrastructure.

At the DHS Cyber Summit in July, Secretary Kirstjen Nielsen announced the creation of the National Risk Management Center (NRMC), DHS’s intended home for collaborative, sector-specific and cross-sector risk management efforts to better protect critical infrastructure. It is significant that DHS is highlighting the need to continue to build and strengthen partnerships as a part of fortifying American cybersecurity. As former DHS Deputy Secretary Jane Lute has noted, we have not yet decided, as a society, the precise role that government will play in protecting our national cyber resources. This is consistent with DHS’s enterprise approach of needing more than a single federal department to secure the homeland. Instead, we need the active partnership of all of us: state, local, tribal, and territorial (SLTT) governments; federal and SLTT law enforcement; nonprofit best-practice providers; the private sector; and the American public.

Jeanette Manfra, DHS’s assistant secretary for cyber, provides a cogent roadmap: We need to “create this collective defense model, where we all provide capabilities, authorities, and competencies to make cyberspace safer.”

For their part, the various CI sectors have been diligent in working to combat cybersecurity risk. Some CI sectors, like the natural gas industry, have been investing millions in new technologies to improve distributed control systems, cloud-based services, and data analytics. Additionally, sector-specific Information Sharing and Analysis Centers (ISACs) have allowed for improved information sharing between industry and the federal government. Top ISACs include the Multi-State ISAC, the Oil and Natural Gas ISAC, and the Financial Services ISAC, among other ISACs. Other positive industry actions include adopting voluntary best practices like the National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity; participating in cross-industry exercises like Grid-Ex, where CI sectors practice responding to cyber-attacks; and continually educating employees on the latest cyber risks and threats.

With the establishment of the NRMC, Secretary Nielsen has issued a challenge and an invitation: private industry and the various national security agencies need to work together to help make this cross-sector, public-private partnership model a successful approach to increasing cyber defense in critical infrastructure.

The individual partners are making progress. We must now work together to create a collective defense.

Commentary: National Vetting Center a Needed, Not Controversial, Security Asset

By Francis X. Taylor

This commentary originally appeared in Homeland Security Today, June 11, 2018.

For decades the U.S. has screened and vetted those who wish to enter the United States or apply to come to U.S. as visitors, immigrants or refugees. While technology and threats have changed, what has remained the same is the need for our officials on the front lines to have the most up-to- date and accurate information to decide who should or should not be allowed to enter our country.

To that end, earlier this year the National Vetting Center (NVC) was created to strengthen, simplify, and streamline the complex, ad hoc, and sometimes inefficient ways that intelligence is used to inform operational decisions related to screening and vetting. Despite the hype, I believe the NVC should not be viewed as part of the heated national debate on extreme vetting. Instead, the NVC should be viewed as the continuing improvement of effective security processes to improve the security of our travel, immigration and trade infrastructure. Specifically, I believe there are three added benefits to the government and to America’s overall national security posture with the launch of the NVC.

First, the practices and procedures that the U.S. government uses for screening and vetting must be dynamic and continually evolve in terms of throughput, redress, privacy, and accuracy. The NVC is a positive step in that direction. Following the 9/11 terrorist attacks, the U.S. created a system to better protect the homeland against potential terrorists. Lessons learned after each attempted terrorist plot since 9/11 caused the government to incrementally mature the system but never fully institutionalize these best practices in one organization.

While U.S. intelligence, law enforcement and security professionals continue to scour the globe for transnational criminals, spies, drug smugglers and weapons proliferators trying to enter the country illegally or with bad intent, the NVC can serve as a single place to analyze a broader set of applicable government information – with the right privacy regime to ensure that the right analysts have access to the proper information at the right time.

Second, I believe the NVC is a smarter use of the government’s existing knowledge, expertise, and money, as well as a realization of the post-9/11 mission to connect the dots of those transiting to the homeland for nefarious reasons.

Threats are not the only thing that have changed since the turn of the century. Technology has clearly evolved at a near exponential pace. Through the NVC, federal agencies will have the ability to use the NVC’s tools and analytic programs in a consolidated, efficient, and streamlined fashion with greater accuracy and speed than ever before. This approach would allow for secure information sharing at a volume and speed that was not possible just five years ago.

Through the creation of the NVC, the U.S. government will have an agile center that can evolve as the threats to the homeland evolve. The threat picture is ever-evolving and the government needs to move quicker to counter the tools that our adversaries are using. Today’s technology will allow agencies to maintain control of their data and permit it to be accessed securely and only by those with the right and proper authorities for the purpose of a specific, legally authorized screening mission.

Finally, the NCV will allow for better coordination and collaboration. Right now, agencies are screening and vetting people properly and with much success – the system is not broken. But we can do it better. And we can expand the work beyond the counterterrorism-only focus of the past 17 years. The NVC will allow for a “task-force” approach to these activities rather than the ad hoc mechanisms that currently exist. Co-locating vetting analysts from different agencies will allow these trained professionals to collaborate, share information where appropriate and access the expertise that resides within each agency to make better, more timely and more informed decisions – including redress decisions. And this scalable model will provide agencies the flexibility to meet the evolving threats we no doubt will face in the coming years as terrorists, criminals and others change their tactics in an attempt to evade the latest vetting protocols.

As the former Under Secretary for Intelligence and Analysis at Department of Homeland Security (DHS), I helped to tackle these same issues while serving in the last administration. I commend DHS for picking up where we left off. And it is my hope that they can build on our path to strengthen this capability with the right outcomes from the start.

It is important that the NVC is a government asset and does not belong to one department or component. It is also important that the NVC is a truly joint facility that allows assignees from across the interagency to collaborate, co-train, and fuse intelligence and experience within the art of screening and vetting. I wish the first director of the NVC my very best: This problem is not insignificant and yet the solution is ever-critical to the protection of our homeland.

Press Release: CGA Principal Francis Taylor Keynotes 2018 IALEIA/LEIU Training Conference

Former DHS Intel Leader Raises Information Sharing Issues Critical to the Work of U.S. Intelligence & Law Enforcement Community

Anaheim, CA (April 9, 2018) Today, Cambridge Global Advisors (CGA) was proud to announce that Principal Francis X. Taylor, former Under Secretary for Intelligence and Analysis at the U.S. Department of Homeland Security, provided keynote remarks at the 2018 International Association of Law Enforcement Intelligence Analysts (IALEIA)/Law Enforcement Intelligence Units (LEIU) conference. The annual joint IALEIA/LEIU gathering brings together hundreds of information analysts, operators and law enforcement professionals for training and discussion on the nation’s most pressing homeland security threats.

Focusing on a theme of enhanced information sharing and technologies that promote “getting information to the point of attack” to enable better decision making, Mr. Taylor’s speech raised several top-of-mind incidents including the tragic Parkland, Florida school shooting, cyberattacks to U.S. critical infrastructure and the migration crisis putting pressure on European partners.

“This audience represents the tireless set of professionals keeping us safe on the home front, but it’s not enough for them to understand and communicate within their own communities effectively,” commented Taylor. “Today’s threats – such as terrorism acts, nation-state interference, criminal activities, or even rouge cyberattacks – often originate outside of the U.S. Events in any part of the world can impact any local jurisdiction in the bat of an eye.  That’s which is why national/international enhanced information sharing and technologies like artificial intelligence, innovative data aggregation tools represent the future of homeland security.”

The IALEIA/LEIU conference kicked off on Monday, April 9 and will run through the week, featuring panels, plenary sessions and training opportunities. Full remarks from Mr. Taylor’s speech will be available online following Monday’s speech at

###

About CGA
Cambridge Global Advisors is a strategic advisory services firm with deep expertise at the global, national, state and local levels – with a special emphasis on homeland and cybersecurity. CGA works with government, non-profit organizations, and Fortune 500 companies to provide consulting and project management services as well as public diplomacy, stakeholder engagement, and communications.  To learn more, visit www.cambridgeglobal.com or follow on Twitter at @camb_global

IN-THE-NEWS: Announcing IBM's Newest Research Report Topics

CGA Principals Douglas Lute & Francis Taylor were announced in IBM's Center for the Business of Government latest round of awards for new reports on key public sector challenges.  These awards and projects respond to priorities identified in the Center's research agenda and the content is intended to stimulate and accelerate the production of practical research that benefits public sector leaders and managers.

Lute and Taylor's report is expected in early 2018. A short summary is below:

"Integrating and Analyzing Data Within and Across Government: Key to 21st Century Security"

This report will focus on data gathering, analysis and dissemination challenges across the homeland security enterprise. It will address how these challenges will help DHS and stakeholders in the US and Europe increase the understanding of how best to leverage technology in meeting strategic, mission and operational needs. The report will highlight opportunities for governments to leverage data integration and analytics to support better decision making around cyber and homeland security. 

Click here to view a full list of other award winners.

PRESS RELEASE: Former U.S. Department of Homeland Security Under Secretary Francis X. Taylor Joins Cambridge Global Advisors as Principal

May 4, 2017 (Washington, DC) – Today, Cambridge Global Advisors (CGA) announced that Francis X. Taylor, former Under Secretary for Intelligence and Analysis (I&A) at the U.S. Department of Homeland Security (DHS), will join CGA as a Principal and Senior Advisor, advising on a variety of government, NGO, corporate and non-profit client projects in the national security and global affairs space.

At DHS, from 2014-2017, Taylor oversaw and carried out the mission of the Office of Intelligence and Analysis, equipping the Homeland Security Enterprise with the timely intelligence and information required to keep the homeland safe, secure, and resilient. 

Before his DHS appointment, Taylor served as Vice President and Chief Security Officer for the General Electric Company (GE) and was responsible for GE's security operations and emergency management processes. Taylor also had a distinguished career in public and military service, including serving as Assistant Secretary of State for Diplomatic Security and as the US Ambassador at-Large and Coordinator for Counterterrorism for the Department of State from 2001-2002. During his 31-year military career, Taylor achieved the rank of Brigadier General and oversaw counterintelligence and security operations for the US Air Force.

Of the recent appointment, Jake Braun, CEO of Cambridge Global Advisors said: “A home for many other former leaders at the Department of Homeland security, Cambridge Global is proud welcome Frank Taylor to our team. He brings a depth of knowledge and demonstrated leadership managing security operations in the military, government and corporate arenas.  We are pleased to be able to offer our clients the benefit of Frank Taylor’s high-level experience in the public and private sectors.”