Recent high-profile attacks by malicious state and non-state actors against both commercial interests and government elections, which play a vital role in our democratic process, have created a renewed sense of urgency to better understand and protect critical operations. In the past few years cybersecurity has come to the forefront and is now considered a critical issue for local governments, particularly now that the current threat environment has moved from stateside hackers to sophisticated nation-state sponsored actors.
While federal and industry cybersecurity challenges have deservedly received much attention and funding to protect against cyber threats and hostile actors, state, local and tribal preparedness and mitigation efforts have been a much lower priority. With Homeland Security Secretary Kirstjen Nielsen’s establishment of DHS’ State, Local, Tribal and Territorial (SLTT) Cyber Security Task Force, it can get much-needed focus and resources.
The mandate of the SLTT Cybersecurity Task Force is to identify issues, develop strategies, create collaboration and implement solutions for cyber and physical challenges faced by stakeholders at the state, local and tribal levels. As in federal security, all parties need a common understanding of the threat, mechanisms to mitigate the threat, and the ability to detect and disrupt the threat.
The new panel will chaired by Paul Goldenberg, president and CEO of Cardinal Point Strategies, LLC, and vice-chaired by Frank Cilluffo, director of the McCrary Institute for Cybersecurity and Critical Infrastructure Protection at Auburn University.
The subcommittee members include some of America’s most esteemed and highly respected authorities in this field. “Throughout my career, I have had the privilege to work closely with national organizations representing local government such as the National Association of Counties (NACO) and County Executives of America (CEA),” Goldenberg said.
Linda Langston, president emeritus of the National Association of Counties, said, “The work that has been done by Paul on Leading Through Crisis (LTC), a groundbreaking training course for elected and appointed officials addressing risk to state and local governments, has been critical as we face a constantly evolving landscape of threats to our cyber systems, manmade crisis and natural disasters. He is uniquely positioned to take on this important work.”
Cilluffo also brings a special expertise to the Task Force as he is a frequent expert witness, commentator, and author on cybersecurity and national security matters. He is well-known in Washington public policy circles for his longtime involvement in homeland security issues with George Washington University.
Goldenberg and Cilluffo have many combined years of experience working in outreach and planning with security stakeholders. Both are well known for their dedicated work and public service. I have personally worked with Paul on many homeland security-related projects over the years. He has dedicated his professional life to serving others at the community level during his esteemed career in law enforcement, academia, and in the private sector. He not only understands the intricacies of these issues, he lives them.
The Task Force will be addressing issues identified by the Department of Homeland Security (DHS) and the National Association of State Chief Information Officers (NASCIO). These include, but are not limited to: governance enterprise cybersecurity, strategy and planning, budget and acquisition, risk identification and mitigation, incident response, information sharing, workforce and education, and training.
Specifically, as quoted from their goals, the State, Local, Tribal, and Territorial (SLTT) Cybersecurity Task Force mandate will be to provide recommendations regarding the following issues surrounding SLTT Cybersecurity: “Our nation faces serious and evolving cyber threats. As cyber and physical systems become more interconnected, the digital attack surface is extending further into our daily lives, with the potential for malicious cyber actors to create dangerous, real-world effects. Federal, State, Local, Tribal, and Territorial (SLTT) entities must collaborate and coordinate extensively with critical infrastructure private sector owners, operators, and stakeholders to identify and address these cybersecurity challenges. All parties need a common understanding of the threat, mechanisms to mitigate the threat, and the ability to detect and disrupt the threat. The SLTT Cybersecurity Subcommittee will examine DHS cybersecurity engagement with SLLT partners, and the Subcommittee will provide recommendations for improving DHS support to these stakeholders in order to better protect our nation’ s networks and systems.”
The subcommittee’ s mandate will include but is not necessarily limited to:
- “How can DHS most efficiently and effectively, across all DHS components, support SLTT agencies and partners in pursuing cybersecurity and resilience of their 1T infrastructure, to include incident response and recovery?
- What programs, services, and outreach should DHS prioritize that would provide the greatest benefit to SLTT stakeholders in reducing risks to IT infrastructure?
- How effective has the Homeland Security Grant Program been in addressing cybersecurity risks at the SLTT levels? How could the Homeland Security Grant Program, including associated grant guidance and technical assistance, be best structured to address cybersecurity risks?”
More than challenges, the creation of this Task Force will create opportunities. Most first responders and law enforcement operate at a state, local and tribal level. They are at the core of the nation and helping assist them in their missions, including dealing with cybersecurity issues in an era of interconnectivity, is paramount for homeland security.