Homeland Security Department says it's preparing to increase its cybersecurity activities across the federal government.

In its recently-released Bottom Up Review (.pdf), DHS says it is "responsible for the protection of Federal networks (the .gov domain), excluding civilian national security systems."

DHS's role in federal cybersecurity efforts has grown notably in the past months. A July 6 Office of Management and Budget memo placed the department in an oversight role over other civilian agencies and an April 21 OMB memo instructed agencies to use a DHS cybersecurity status reporting tool.  

The Bottom Up Review states that DHS will "increase its cybersecurity activities" without specifying exactly how it will do so, although it does say that the department will seek new models for developing and acquiring new cybersecurity technologies. Those new models could include leasing, technical service agreements and the development of a secondary cybersecurity market in state, local, tribal and territorial governments, the review states.

The department also will build a new predictive analytical capability, the report states, a predictive capability meant for use in identifying adversaries, establishing deterrence strategies, and for promoting "a more accurate understanding of emerging cyber threats." Creation of the predictive capability will require DHS to establish a way to categorize, store and retrieve cyber information from DHS databases, in a manner "consistent with protection of privacy, civil rights, and civil liberties," the review states.

DHS will also focus a headquarters office known as the National Protection and Programs Directorate more closely on operations and move to align cyber protection and critical infrastructure protection efforts more closely.

In addition, the Bottom Up Review calls for DHS to create an integrated information sharing architecture across its components so that information can be found in near real time. "DHS is uniquely authorized and positioned to fuse and analyze intelligence, law enforcement, screening and other information gathered through encounters with travelers and commercial entities in order to prevent terrorist travel, finance, and operations," the review states.

Reviews of the review haven't been stellar--at least not in Congress. The review "is not the 'deep dive' that Congress was promised," said House Homeland Security Committee Chairman Bennie Thompson (D-Miss.). DHS was created so quickly that not enough thought went into its organization and management, Thompson said. "This review was a chance to 'get it right' but, unfortunately, it seems to miss the mark," he added.

Sen. Susan Collins, the senior Republican on the Senate Homeland Security and Governmental Affairs Committee, said the review "is disappointingly short on the programmatic and organizational details that would be necessary for it to serve as a roadmap."

For more:
- read the Bottom Up Review (.pdf)
- see the responses of Rep. Thompson and Sen. Collins to the review

Related Articles:
IARPA looks to the future
DHS gains cybersecurity oversight power
House approves GRID Act