When the Department of Homeland Security announced the formation of a new National Risk Management Center in July to handle cybersecurity threats and engage with the private sector, some wondered how the center’s mission would overlap or conflict with another DHS organ, the National Cybersecurity and Communications Integration Center. Matthew Travis, deputy undersecretary of the National Protections and Programs Directorate, elaborated further on how DHS views the differing missions of the NCCIC and the NRMC while giving a speech at an Aug. 28 conference in Washington D.C. The NCCIC, Travis said, will still serve as a threat and information sharing hub designed to react to problems and facilitate cooperation with state, local, private and critical infrastructure sectors in the face of immediate threats, like the ransomware attack that hit Atlanta earlier this year or the 2017 WannaCry attacks. The center will continue its role sharing threat indicators, conducting trainings, providing malware analysis for specific incidents and sending out technical advisories about emerging threats.
“With NCCIC…we have situational awareness of what is going on in cyberspace, what’s going on in the dot gov domain through programs like EINSTEIN and the federal dashboard, and through liaisons who sit on the NCCIC floor to share information when something happens,” Travis said. “There’s nothing trivial about ransomware attacks or other types of attacks…but some of them are not going to rise to the level of national critical functions.”
The NRMC, Travis said, will be more geared toward tackling longer-term, systemic cyber threats that affect the public, private and critical infrastructure sectors. He pointed to issues like shoddy technology supply chain protocols and formulating long-term strategies for protecting the electrical grid and election infrastructure as examples of issues that will define the center’s purview. The NRMC is currently developing a list of national critical functions.
Full Article: Focusing on the long tail of cybersecurity — FCW.