DOD needs to better collaborate with DHS on cyberdefense, IG says

(DOD / Lisa Ferdinando)

Share

Written by

The Department of Defense’s work to help defend the cybersecurity of critical infrastructure needs a stronger implementation plan in its collaboration with the Department of Homeland Security, the DOD inspector general reported Tuesday.

The IG examined the implementation of a 2018 memorandum that outlined the partnership between the two departments on how they can coordinate the protection of critical infrastructure without violating their jurisdictions. The watchdog found DOD’s work lacks milestones and implementation plans for joint operations and general collaboration with DHS, which could put the nation’s cyberdefense of its critical infrastructure at risk.

“Without an implementation plan that clearly defines roles and responsibilities and identifies milestones and completion dates, the DoD may not be able to sustain collaboration with the DHS in protecting the Nation’s critical infrastructure,” the report states.

DHS’s IG also did an investigation, but it does not appear to be published yet.

DHS has the authority to protect the U.S. homeland, with its Cybersecurity and Infrastructure Security Agency taking the lead on cyberdefense, whereas DOD operates largely outside of the U.S. in both offensive and defensive operations. With the omnipresence of cyberthreats that can emanate both in and outside the U.S., the two departments have worked together to defend critical infrastructure. The first memorandum between the departments was signed in 2010.

The report complimented some of what the two agencies have done to date, like processes the departments established for how each can request help from the other. But recent hacks like the SolarWinds breach show the criticality of implementing more collaborative processes, the report said.

“[T]he compromise continues to show the importance and criticality of the DoD’s and DHS’s ability to respond to any and all cyber threats, which would be significantly improved by implementing a plan to accomplish shared goals in the 2018 joint memorandum,” it stated.

The Pentagon agreed with most of the specific recommendations, stating it would work to create implementation plans and more collaboration. But the vice director of the Joint Staff said the military would seek “interdepartmental consensus” on how to best move forward.

-In this Story-

Critical Infrastructure, Cybersecurity and Infrastructure Security Agency (CISA), Department of Defense (DOD), Department of Homeland Security (DHS), Inspector General
TwitterFacebookLinkedInRedditGmail