Secretary Napolitano today requested a comprehensive review of DHS efforts as they pertain to cyber security and our northern border strategy. These are two more aspects of what appears to be a net assessment of existing strategy and investments, and a determination of the delta between what those efforts deliver and what we need to succeed. Earlier this week, she issued five “Action Directives” seeking reviews of other DHS operations and plans.
For cyber, the Secretary poses the following questions, to be answered in an oral report by Feb. 3 and a final report due Feb. 17:
• What are the authorities and responsibilities of DHS for the protection of the government and private sector domains?
• What are the relationships with other government agencies, especially the departments of Defense, Treasury, and Energy, and the National Security Agency?
• What are the programs and timeframes to achieve the department’s responsibilities and objectives?
Concerning the “Northern Border Strategy,” the Secretary has requested that a review respond to the following questions with an oral report by Feb. 10 and a final report due Feb. 17:
• What are the current vulnerabilities?
• What is the overall strategy for reducing those vulnerabilities?
• What are the requirements, the programs, the budget, and the timeframe for improving security along this border?
• What level of risk will remain once the programs are completed?
The final question is a critically important one. However, assessing risk remains one of the challenges for the homeland security mission. The second of the so-far seven directives issued by the Secretary actually deals with risk analysis. By January 28, she wants to know the status of risk analysis metrics and how DHS “can enhance risk management as the basis of decision making.” Look for budget priorities to follow this review.