The Department of Homeland Security (DHS) released its Blueprint for a Secure Cyber Future on Dec. 12. The Blueprint is a guideline with two main areas of action: protecting our critical information infrastructure today and building a stronger cyber ecosystem for tomorrow. The document explained:
Top 10 Cyber Security Threats of 2011 and Beyond
The next decade portends new threats that surpass those of years past in both intensity and impact.
The Blueprint is designed to protect our most vital systems and assets and, over time, drive fundamental change in the way people and devices work together to secure cyberspace. The integration of privacy and civil liberties protections into the Department's cybersecurity activities is fundamental to safeguarding and securing cyberspace.
DHS has some pretty ambitious plans with the Blueprint. The document lists four goals in better protecting the infrastructure and four more goals in developing a cyber ecosystem. From there, there are a total of 20 objectives between the two sets of goals and the role DHS will play in achieving those objectives.
Did I mention that it is ambitious? I took a look at the list of objectives and I got tired just reading it. It will be quite an undertaking in an area where people are still trying to figure out how to define cybersecurity jobs, as my colleague Susan Hall pointed out earlier this month, writing:
The federal government's difficulty in defining cyber security skills and roles were reiterated in an audit by the General Accountability Office. Its report found fragmented and overlapping efforts to attract, manage and retain the federal cyber security work force.
DHS was one of the eight agencies that the GAO studied and found failing when it came to coordinating, planning and evaluating cybersecurity work force efforts.
I applaud DHS for this undertaking. It isn't going to be easy and someone in government had to step up to take charge. According to Fierce Government:
Toward those goals DHS will take on a more active role with education, and research and development. Implementing the National Initiative for Cybersecurity Education will fall under DHS's purview, according to the plan. It will also work with the Defense Department and research agencies to develop cybersecurity capabilities.
Fierce Government also added that DHS wants feedback on the strategy. If you have a comment, you can email DHS at firstname.lastname@example.org. I hope security professionals and experts will take DHS up on its offer.