In accordance with the Department of Homeland Security (DHS) Quadrennial Homeland Security Review, the agency has published and released strategy guidelines for the enforcement of cybersecurity.
The document, titled Blueprint for a Secure Cyber Future: The Cybersecurity Strategy for the Homeland Security Enterprise, is meant to provide a road map for cybersecurity efforts while observing the the need to preserve civil liberties, protect privacy, bolster national security, and provide the ability for the private sector to effectively operate and innovate in cyberspace.
"This strategy provides a blueprint for a cyberspace that enables innovation and prosperity, advances our economic interests and national security, and integrates privacy and civil liberties protections into the Department’s cybersecurity activities. The strategy is designed to protect the critical systems and assets that are vital to the United States, and, over time, to foster stronger, more resilient information and communication technologies to enable government, business and individuals to be safer online," DHS Secretary Janet Napolitano stated.
The document acknowledges the the increasingly complex nature of cybersecurity and the challenges both the public and private sectors are encountering in the face of rapidly emerging threats on the cyber landscape.
"Today in cyberspace, the Nation faces a myriad of threats from criminals, including individual hackers and organized criminal groups, as well as technologically advanced nation-states. Individuals and well-organized groups exploit technical vulnerabilities to steal American intellectual property, personal information, and financial data. The increasing number and sophistication of these incidents has the potential to impact our economic competitiveness and threaten the public’s ability to access and obtain basic services," Napolitano continued.
Key to the strategy is the continued effort to spawn increased cooperative efforts between government and the private sector, as well as a call for individuals to step up efforts to combat cybersecurity threats by advocating for shared responsibility in a distributed environment.
"Government, non-governmental and private sector entities, as well as individuals, families, and communities must collaborate on ways to effectively reduce risk," Naploitano said.
From the document's introduction:
The Blueprint is designed to protect our most vital systems and assets and, over time, drive fundamental change in the way people and devices work together to secure cyberspace. The integration of privacy and civil liberties protections into the Department’s cybersecurity activities is fundamental to safeguarding and securing cyberspace.
The Blueprint lists four goals for protecting critical information infrastructure:
• Reduce Exposure to Cyber Risk
• Ensure Priority Response and Recovery
• Maintain Shared Situational Awareness
• Increase Resilience
These goals are supported by nine objectives. Each objective is dependent on a variety of capabilities that, when implemented, will work in tandem to effectively anticipate and respond to a wide range of threats.
Some of the cybersecurity capabilities described in the Blueprint are robust and at work today, while others must be expanded. Still others require further research and development. All necessitate a collaborative and responsive cybersecurity community.
The Blueprint also lists four goals for strengthening the cyber ecosystem:
• Empower Individuals and Organizations to Operate Securely
• Make and Use More Trustworthy Cyber Protocols, Products, Services, Configurations and Architectures
• Build Collaborative Communities
• Establish Transparent Processes
These goals are supported by eleven objectives, and depend on a broad set of capabilities, described in the Strategic Concept section of the Blueprint.
The full text of the Blueprint for a Secure Cyber Future: The Cybersecurity Strategy for the Homeland Security Enterprise can be found here: