Gartner Blog Network

DHS Takes Steps In The Right Direction

by John Pescatore  |  February 3, 2010  |  Submit a Comment

I’ve reviewed several national cybersecurity plans for Gartner international government clients, as well as blogged some reviews here pundit-style on the various national cybersecurity strategies the US has published. They all tend to suffer from a common flaw: they focus way too much on monitoring and measuring attacks and way too little on avoiding and eliminating vulnerabilities and avoiding attacks.

This is sort of ingrained behavior in government agencies, especially on the Intelligence Community side – the desire is to be the owner of the information on threats vs. the one who might be responsible if an attack succeeds.   The idea of reducing vulnerabilities to the “good enough security level” to allow business to move forward is a foreign idea. This is why trying to mix cyber-offense and cyber-defense on the government side is such a bad idea. Information ownership is power, especially when it comes to justifying next year’s budget requests.

However, I’ve seen some positive steps. US Department of Homeland Security Secretary Napolitano recently released DHS’s Fiscal Year 2011 budget request, with the following items highlighted under “Safeguarding and Securing Cyberspace:”

  • National Cyber Security Division (NCSD): Total funding of $379M is requested for the NCSD to support the development of capabilities to prevent, prepare for and respond to incidents that could degrade or overwhelm the Nation’s critical information technology infrastructure and key cyber networks. These funds will identify and reduce vulnerabilities, mitigate threats and ensure that cyber intrusions and disruptions cause minimal damage to public and private sector networks.
  • National Cyber Security Center (NCSC): A total of $10M is requested for the NCSC to enhance cyber security coordination capabilities across the Federal Government including mission integration, collaboration and coordination, situational awareness and cyber incident response, analysis and reporting, knowledge management, and technology development and management.

The key phrases that are good to see: “identify and reduce vulnerabilities” and “ensure that cyber intrusions and disruptions cause minimal damage…” Very realistic approach to making real progress – and not far from the recommendations Howard Schmidt, Gary Mcgraw and I made at the cybersecurity keynote panel at the last Gartner Information Security Summit. Also good to see that the amount of funding for this initiative is 38x the request for more “coordination” funds.

With all budget battles, as in most things, the devil is in the details but this is an encouraging sign.


John Pescatore
VP Distinguished Analyst
11 years at Gartner
32 years IT industry

John Pescatore is a vice president and research fellow in Gartner Research. Mr. Pescatore has 32 years of experience in computer, network and information security. Prior to joining Gartner, Mr. Pescatore was senior consultant for Entrust Technologies and Trusted Information Systems… Read Full Bio

Leave a Reply

Your email address will not be published. Required fields are marked *

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.