The views expressed by contributors are their own and not the view of The Hill

Cyber: The buck stops with the Coast Guard

What ever happened to Harry Truman’s famous slogan “the buck stops here”? Testifying before the Senate this week, the director of the Office of Personnel Management (OPM) stated no one is responsible for the most massive cyber espionage theft in modern history. If that is true, twelve years and billions of dollars have been wasted in the attempt to create a credible cyber operation responsible for securing the federal government’s networks, systems, and data within the U.S. Department of Homeland Security (DHS).

DHS’s first attempt to create a cyber operation was the Infrastructure Analysis and Infrastructure Protection Directorate (IAIP), designed to fuse real-time intelligence across the government and private sector.  IAIP was a colossal failure, one of the many victims in the understaffed and overburdened department’s turf wars and uphill battle to establish an institutional presence.  After IAIP crumbled and broke stakeholder’s confidence in fusing information, DHS began its second attempt, propping up the National Protection and Programs Directorate (NPPD) as the cyber security authority.  However, DHS failed to correct the issues that led to IAIP’s demise, and NPPD suffers from many of the same woes.

{mosads}In the wake of the recent cyber attack on OPM, one component of DHS has stood out as a leader in cybersecurity, but it is not NPPD.  Instead, it is the U.S. Coast Guard, which under the leadership of the Commandant Admiral Paul F. Zukunft released a complex cyber strategy outlining a framework for combatting cyber threats facing our maritime transportation system and infrastructure.  Admiral Zukunft recognized a critical need to defend cyberspace and faced it head on by installing a new cyber command within the Coast Guard staffed by 70 program pioneers.  The cyber command will head the Coast Guard’s efforts and weave cyber security into its overall mission and operations.  This ability to quickly evolve as the world changes is nothing new to the Coast Guard.  It has protected mariners for centuries, but over time has added has drug interdiction and counterterrorism to its tireless efforts.  

While it may sound unorthodox, Congress should task the Coast Guard with managing DHS’s cyber security mission and dispense with the NPPD.  Recent developments demonstrate the Coast Guard possesses precisely what the NPPD—and the IAIP before it—lack.  The Coast Guard is a heroic organization with a track record of success that spans over two centuries.  This stands in sharp contrast to NPPD, which is a new kid on the block and struggles to earn the trust of stakeholders.  The Coast Guard possesses a clear chain of command.  The Commandant and undisputed leader, heads an organization of over 40,000 with operational command across the globe.  Compare this with DHS at large, where one fifth of the top positions are vacant to include almost all domestic policy positions.  Even if these positions were full, six out of the eight top positions at NPPD and many other component leaders within DHS have some authority over cyber, creating a coordination issue that makes it difficult for NPPD to accomplish anything.  Further, the Coast Guard has a leader who clearly takes cybersecurity seriously, while the rest of DHS and the administration have failed to prioritize this all-important issue.

Finally, the Coast Guard’s unique position as both a domestic and military organization is perfect for combating cyber threats.  The defense department has a mature understanding of the legislative and budgeting process and has spent considerable resources to stand up cyber operations within the Army, Navy, Marines and Air Force respectively.  The military’s institutional knowledge and resources would be valuable tools available to the Coast Guard should it manage cyber operations for DHS.  What is more, the Coast Guard is a core member of the Joint Chiefs and represents DHS at the defense table and routinely interacts with private sector leaders.  While NPPD has struggled to establish meaningful partnerships with stakeholders, the Coast Guard could bridge this gap by brokering its embedded and trusted relationships with the defense department, the intelligence community, and private industry.

The recent attack on OPM sounded the cyber alarm bell.  “Winter is coming,” and Americans deserve and need a strong, competent, and smart cybersecurity command to keep them safe.  Congress must end the syphoning of billions of taxpayer dollars to a broken program and instead should channel resources to the one organization fit for the task: the venerable U.S. Coast Guard.

Norton is a homeland-security and public-safety policy expert. He has served as a senior defense-industry executive and as Deputy Assistant Secretary of the U.S. Department of Homeland Security in the Office of Legislative Affairs. He is an adjunct professor at Johns Hopkins University, teaching courses on cyber, homeland security and the legislative process. Follow him on twitter @jamesnorton99

Tags

Copyright 2024 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed..

 

Main Area Top ↴

Testing Homepage Widget

More Homeland Security News

See All

 

Main Area Middle ↴
Main Area Bottom ↴

Most Popular

Load more

Video

See all Video