Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

9/26/2011
03:22 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Homeland Security Revamps Cyber Arm

National Protection and Programs Directorate will add a new deputy undersecretary for cybersecurity and shift other non-cybersecurity responsibilities onto another official.

Inside DHS' Classified Cyber-Coordination Headquarters
(click image for larger view)
Slideshow: Inside DHS' Classified Cyber-Coordination Headquarters
The National Protection and Programs Directorate, the Department of Homeland Security agency that handles many of the government's cybersecurity responsibilities is about to get a makeover in the wake of the departure of former deputy undersecretary Phil Reitinger. The directorate, among other things, is in works to secure federal civilian agency networks and coordinate cybersecurity with the private sector.

In an email obtained by InformationWeek, DHS undersecretary Rand Beers announced to staff that, in response to "the growing importance of cybersecurity to DHS and the nation as a whole," DHS is splitting Reitinger's former job in two. DHS will now have one new deputy undersecretary position that exclusively deals with cybersecurity and another that helps protect critical infrastructure, secures federal facilities, and the manages the US-VISIT biometric identity management system used to identify and track foreign visitors.

Beers wrote that the agency would "shortly" announce the name of the permanent deputy undersecretary for cybersecurity, but in the interim, Greg Schaffer, a former Alltel and PricewaterhouseCoopers exec who had been Reitinger's second-in-command since 2009, will serve as acting deputy undersecretary for cybersecurity.

[ The federal government is seeking help in fighting cyber criminals. Read: Feds Seek Advice To Battle Botnets ]

The DHS has taken on a growing role in cybersecurity over the last several years. "This position will help the directorate ensure robust operations and strengthened partnerships in the constantly evolving field of cybersecurity," Beers wrote in the email, the authenticity of which was confirmed by a DHS spokesman.

Whoever takes the new position will have to deal with significant recent turnover in top leadership. In addition to the departure of Reitinger, Sean McGurk, the former director of DHS' National Cybersecurity and Communications Integration Center, left his post effective last Friday, and Randy Vickers, former director of the United States Computer Emergency Response Team (US-CERT), abruptly resigned in July.

In managing US-VISIT, facilities security, and DHS' work with critical infrastructure sectors, the other new deputy undersecretary job, to be filled by long-time intelligence community and congressional staffer Suzanne Spaulding, will continue to have IT-related responsibilities.

Spaulding, who will join DHS in October, was most recently a principal for the Bingham Consulting Group. Spaulding has served as senior counsel to former Sen. Arlen Specter, R-Penn., a top staffer for both the House of Representatives' and Senate's Select Committee on Intelligence, assistant general counsel at the Central Intelligence Agency, and a member of numerous government commissions on national security issues.

In the new, all-digital issue of InformationWeek Government: As federal agencies close data centers, they must drive up utilization of their remaining systems. That requires a well-conceived virtualization strategy. Download the issue now. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Data Leak Week: Billions of Sensitive Files Exposed Online
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/10/2019
Intel Issues Fix for 'Plundervolt' SGX Flaw
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/11/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-5252
PUBLISHED: 2019-12-14
There is an improper authentication vulnerability in Huawei smartphones (Y9, Honor 8X, Honor 9 Lite, Honor 9i, Y6 Pro). The applock does not perform a sufficient authentication in a rare condition. Successful exploit could allow the attacker to use the application locked by applock in an instant.
CVE-2019-5235
PUBLISHED: 2019-12-14
Some Huawei smart phones have a null pointer dereference vulnerability. An attacker crafts specific packets and sends to the affected product to exploit this vulnerability. Successful exploitation may cause the affected phone to be abnormal.
CVE-2019-5264
PUBLISHED: 2019-12-13
There is an information disclosure vulnerability in certain Huawei smartphones (Mate 10;Mate 10 Pro;Honor V10;Changxiang 7S;P-smart;Changxiang 8 Plus;Y9 2018;Honor 9 Lite;Honor 9i;Mate 9). The software does not properly handle certain information of applications locked by applock in a rare condition...
CVE-2019-5277
PUBLISHED: 2019-12-13
Huawei CloudUSM-EUA V600R006C10;V600R019C00 have an information leak vulnerability. Due to improper configuration, the attacker may cause information leak by successful exploitation.
CVE-2019-5254
PUBLISHED: 2019-12-13
Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600;NIP6800;S5700;SVN5600;SVN5800;SVN5800-C;SeMG9811;Secospace AntiDDoS8000;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG6000V;eSpace U1981) have an out-of-bounds read vulnerability. An attacker who logs in to the board m...