The Department of Homeland Security is trying to replicate a strategy used by the Department of Defense to protect and defend its networks, and the plan could soon be used across the entire federal government.
DHS is currently assessing its 16 federated security operations centers (SOCs) to determine which agencies meet the parameters by which they could offer services to other agencies in need of various services, according to DHS Chief Information Security Officer Paul Beckman.
“We are trying to figure out how we collectively get our arms around all those SOCs and how we optimize that,” Beckman told a crowd at the 2019 IT Modernization Summit, presented by FedScoop.
Beckman said the process is following the DOD’s Cybersecurity Service Provider (CSSP) model. That program assesses which internal security centers hit a number of benchmarks. When one center is qualified to provide a certain level of security, other internal agencies can use those centers for their own security operations.
“We are going to be setting maturity standards, then going out and audit against those standards,” Beckman said. “Those who meet those standards become ‘Centers of Excellence’ and are able to offer security services to anyone that does not meet those standards.”
The way this model would potentially work is an agency under DHS — for instance, the Federal Emergency Management Authority — would become a “Center of Excellence” and provide SOC services and capabilities to other component agencies like the Transportation Security Administration, U.S. Citizenship and Immigration Services, or any other agency that needs assistance with its cybersecurity operations.
While the plan could take years to unfold — a DHS source told CyberScoop that the SOC model wouldn’t be fully operational until 2021 — Beckman’s efforts have already caught the attention of DHS’s Cybersecurity and Infrastructure Security Agency (CISA) and the White House’s Office of Management and Budget.
“I will be doing this internally for all of DHS,” Beckman said. “CISA and OMB will be emulating the exact same thing for all external [government agencies].”
The project leans on the shared services model, which has been something the Trump administration has been pushing for it its quest for agencies to modernize their IT systems. Representatives from the General Services Administration have pushed for initiatives that use a shared services model as a way for agencies to get funding through the Technology Modernization Fund, the government program that funds agency IT projects and then allows winners to pay back money over five years.