Homeland Security Secretary John Kelly laid out the new administration’s priorities for his department Tuesday, listing cybersecurity alongside defending the nation’s borders and stopping terrorist attacks — but providing far fewer details about the online defensive mission than about the other two.
“We live in an interconnected world,” Kelly told a packed theater at the George Washington University in his first major policy address since taking office in January. “That’s not a trend, that’s reality. We rely on technology for everything from programming our coffee makers to running global corporations. This reliance, perhaps over-reliance, brings risks … These digital threats are no less significant than threats in the physical world,” he said.
In a section of prepared remarks he did not deliver, apparently due to time constraints, he ridiculed “the plodding pace of bureaucracy,” and the government’s arthritic procurement system, comparing it to “sending troops to take Fallujah armed with muskets and powdered wigs.”
“We’re leading the charge in upgrading outdated [federal IT] systems,” he said, reiterating an administration theme that the security of federal systems depends on their renewal. He added that “partnering with industry” was essential. “No more muskets,” he concluded, “Our federal cybersecurity needs heavy artillery.”
Later, during the Q&A with Frank Cilluffo, the president of GWU’s Center for Cyber and Homeland Security, Kelly said that President Trump himself was involved in cybersecurity policy and outreach to the private sector. “It’s something that certainly President Trump has [personally] taken on and organized and is very, very involved in outreaching,” he said. “The government, god knows, can’t do it by itself.”
He provided a glimpse of the frustrations leadership faces at the troubled department, which was formed from a merger of more than 20 different sections and offices from several Cabinet agencies and continues to have problems gelling as a single entity. “It’s amazing, the maze that is DHS in terms of its … acquisition projects.” He broke off the description midway, concluding, “Anyway, we’re going to fix all that.”
The lack of detail, and Kelly’s previous mixed messages about DHS’s cyber role, raised questions about whether cybersecurity’s place as a top-tier issue for the department might be slipping, as major cyber posts remain unfilled and as leaders get to grips with other priorities like the border wall, drug interdiction and implementing the president’s commitments to a travel ban and extreme vetting for refugees.
But former officials from both parties pushed back against that suggestion Tuesday.
“It’s too early to make that judgment,” said Suzanne Spaulding, who was the undersecretary in charge of the National Programs and Protection Division under the Obama administration.
Her feeling was echoed by Greg Garcia, a Bush-era senior DHS official who said that the purpose of such a speech — an opening major policy address — was not to provide details but to “sketch out the world as Secretary Kelly sees it and outline how the department plans to deal with it.”
Details would come, he said as those broad outlines “cascaded down” through the ranks, once key appointments were made.
James Norton, who worked at the department under its first secretary, Tom Ridge, added that “program budget requests are the ultimate truth-teller of administration priorities,” noting that in budget outlines for the coming fiscal year, cybersecurity spending for DHS would be boosted by $2.1 billion. “There is no clearer answer [to questions about] cyber being a top priority for Secretary Kelly and the Trump administration,” he said.