The United States Department of Defense (“DOD”) and Department of Homeland Security (“DHS”) have reached an agreement for joint action on cyber defense, marking a shift in strategic direction and a new focus on private businesses in critical infrastructure sectors. The agreement, signed by Defense Secretary James Mattis and DHS Secretary Kirstjen Nielsen, is intended to lead to increased sharing of information and intelligence relating to cyberattacks. Concluded in the days leading up to the 2018 midterms, the agreement also makes resources available to protect elections from foreign interference.
The new DOD/DHS agreement follows a wider refresh of the U.S. government’s approach to cybersecurity and defense. In September 2018, President Donald Trump signed an executive order lifting Obama-era restrictions on the Pentagon’s ability to respond in kind to cyberattacks launched by foreign governments. The DOD subsequently published a new, more aggressive cyber defense policy, including “day-to-day competition to preserve U.S. military advantages and to defend U.S. interests.”
As DHS Assistant Secretary Jeanette Manfra explained to a joint session of the House Armed Services and House Homeland Security committees, “[t]his agreement clarifies roles and responsibilities between [DOD and DHS] to enhance U.S. government readiness to respond to cyber threats and establish coordinated lines of efforts to secure, protect, and defend the homeland.”
A new feature of the joint initiative is a range of pilot or “pathfinder” programs under which the government will share information about potential cyber threats with private industry, allowing businesses to protect network infrastructure from attacks. For their part, private sector companies will provide information about security threats to DHS. According to Kenneth Rapuano, Assistant Secretary of Defense for Homeland Defense and Global Security, such information will be passed on to the Pentagon “to inform DOD cyberspace operations.”
Under the proposed plan, DHS will provide cybersecurity advice and assistance to private businesses in 16 industries classed as “critical infrastructure,” with recipients ranging from chemical and power plants to companies operating in the energy, financial, and communications sectors. Senior intelligence and military officials have raised concerns that hackers working for state actors are increasingly targeting the private sector, taking advantage of companies’ lack of sophisticated cyber defense tools and their inability to take offensive action in response to attacks.
Asked by lawmakers whether the new agreement would violate laws that restrict the DOD’s actions within the United States, Ms. Manfra and Mr. Rapuano said that the Pentagon would continue to operate within “constitutional constraints.” Mr. Rapuano noted that, in the Pentagon’s view, any “significant threat to national critical infrastructure is a national security concern,” adding that countering domestic cyber threats “remains a DHS mission.” Under the terms of the agreement, DOD would limit its involvement to “civil support to civil authorities in areas where their needs exceed their capabilities.”
As American voters went to the polls on November 6, 2018, the Pentagon dispatched 11 agents to the DHS’ National Cybersecurity and Communications Integration Center in Pensacola, Florida, to monitor cyber threat activity on Election Day.
