DHS seeking to prioritize funding to enable the Department to “rapidly and responsibly acquire much needed operational capabilities and equip the Department to address long-standing Federal network security vulnerabilities”, according to language in the DHS 2014 Appropriations Bill in Congress.
While reading the 2014 Department of Homeland Security (DHS) Appropriations Bill on the Congressional website I was stunned to find language which indicated, among other things, that the department still needed to address serious and ongoing security problems and concerns including prioritizing funding for “Federal network security vulnerabilities.”
“The Committee’s intent is to prioritize funding for vital frontline security operations; enable the Department to rapidly and forcibly address current threats, including the type of improvised explosive device attack perpetrated at the finish line of the Boston Marathon; enable the Department to rapidly and responsibly acquire much needed operational capabilities; equip the Department to address long-standing Federal network security vulnerabilities; push the Department to set clear and well-reasoned priorities that align to stated mission requirements; and require the Department to practice sound financial and program management that disciplines funding and aligns resources to results in terms of improved security. Moreover, the bill mandates that the Department budget adequately to support known and expected costs of operations, including disaster relief; strengthen vital preparedness and response partnerships between and among Federal, State, local, tribal, and private sector entities; and move the Department toward the lean and responsive organization it was envisioned to be when it was established in 2003.”
“The Committee remains deeply committed to helping the Department confront long-standing and emergent homeland security threats, and sincerely appreciates the hard work and dedication of the thousands of agents, officers, Coast Guard personnel, field staff and administrative and support staff who make it their business every day to enforce Federal laws, work to keep the Nation safe from terrorist threats, and improve the Nation’s resiliency to disasters” (source: House Report 113-091 -Department of Homeland Security Appropriations Bill 2014 http://thomas.loc.gov).
Various attempts to find out what exactly these vulnerabilities are remain unanswered at this point, except that it may deal with its ability to reduce its ongoing cybersecurity risks to Federal Executive Branch Agency networks and systems.
I should add that the Department for Homeland Security has repeatedly refused comment in this situation and has denied or chosen to ignore our requests for information regarding these outstanding vulnerabilities in its network security.
This is not to say that the Department is not actively trying to address these security issues – because they are – they just are not addressing them fast enough in my opinion (see related article: “Agencies improving security of IT networks slowly, but surely”, http://www.federalnewsradio.com/513/3352674/Agencies-improving-security-of-IT-networks-slowly-but-surely).