The National Strategy for Secure Cyberspace strategic plan states that its strategic objectives are "consistent with the National Strategy for Homeland Security' and that those objectives include: (1) prevention of cyber attacks against America's critical infrastructure; (2) reduction of national vulnerability to cyber attacks and; (3) minimization of damage and recovery time from cyber attacks that do occur. (White House, 2003) This report additionally relates that the sector best equipped and structured in providing a response to cyber threats which are constantly evolving is the private sector. Specifically stated in the report is "Public-private engagement is a key component of our Strategy to secure cyberspace. Public-private partnerships can usefully confront coordination problems. They can significantly enhance information exchange and cooperation." (White House, 2003) Under this strategy to secure cyberspace it is stated that engagement between the pubic and private sectors will take various forms and additionally will "...address awareness, training, technological improvements, vulnerability remediation, and recovery operations." (White House, 2003) the Department of Homeland Security was signed into legislation on November 25, 2002. DHS is a "cabinet-level department" that serves to "unite 22 federal entities for the common purpose of improving" homeland security in the United States. Responsibilities of the Secretary of DHS include: (1) development of a comprehensive national plan for securing the key resources and critical infrastructure of the United States; (2) Providing crisis management in response to attacks on critical information systems; (3) Providing technical assistance to the private sector and other government entities with respect to emergency recovery plans for failures of critical information systems; (4) coordination with other agencies of the federal government to provide specific warning information and advice about appropriate protective measures and countermeasures to state, local, and nongovernmental organizations including the private sector, academia, and the public; and; (5) Performing and funding research and development along with other agencies that will lead to new scientific understanding and technologies in support of homeland security. (White House, 2003) Five national priorities stated by the National Strategy to Secure Cyberspace are the following: (1) a National Cyberspace Security Response System; (2) a National Cyberspace Security Threat and Vulnerability Reduction Program; (3) a National Cyberspace Security Awareness and Training Program; (4) Securing Governments' Cyberspace; and (5) National Security and International Cyberspace Security Cooperation. (White House, 2003) Stated as eight major actions and initiatives for cyberspace security response are the following: (1) establishment of a public-private architecture for responding to national-level cyber incidents; (2) Provide for the development of tactical and strategic analysis of cyber attacks and vulnerability assessments; (3) Encourage the development of a private sector capability to share a synoptic view of the health of cyberspace; (4) Expand the Cyber Warning and Information Network to support the role of DHS in coordinating crisis management for cyberspace security; (5) Improve national incident management;(6) Coordinate processes for voluntary participation in the development of national public-private continuity and contingency plans; (7) Exercise cybersecurity continuity plans for federal systems; and (8) Improve and enhance public-private information sharing involving cyber attacks, threats, and vulnerabilities.
Stated as the eight major actions and initiatives to reduce threats and related vulnerabilities are the following: (1) Enhance law enforcement's capabilities for preventing and prosecuting cyberspace attacks; (2) Create a process for national vulnerability assessments to better understand the potential consequences of threats and vulnerabilities; (3) Secure the mechanisms of the Internet by improving protocols and routing; (4) Foster the use of trusted digital control systems/supervisory control and data acquisition systems; (5) Reduce and remediate software vulnerabilities; (6) understand infrastructure interdependencies and improve the physical security of cyber systems and telecommunications; (7) Prioritize federal cybersecurity research and development agendas; and (8) Assess and secure emerging systems.
III. The DHS (DEPARTMENT of HOMELAND SECURITY) INTELLIGENCE ENTERPRISE STRATEGIC PLAN
Stated as goals that "encompass the breadth of activities of the Department of Homeland Security Intelligence Enterprise" and that illustrates where efforts will be concentrated in the improvement of capabilities are those as follows:
Goal 1: Requirements, Collection and Dissemination: Ensure all Homeland Security intelligence-related information is gathered, collected, reported, and disseminated to those who need it.
Goal 2: Analysis and Warning: Be the premier provider of Homeland Security intelligence analysis and warning.
Goal 3: Information Sharing & Knowledge Management: Build and implement an intelligence information systems capability that enables DHS to add value to the national knowledge base.
Goal 4: Mitigation, Prevention, and Readiness: Focus on mitigating threats and preventing attacks against the Homeland, particularly the systems, facilities, and individuals protected by the DHS Stakeholder Community. Lead the Homeland Security Intelligence Community to support Continuity of Operations (COOP), Continuity of Government (COG) and National Special Security Events (NSSEs) and other special events, emerging incidents, and exercises.
Goal 5: Mission Advocacy: Serve as the primary Federal Government homeland security intelligence-related information provider to our Stakeholders while acting as their advocate for intelligence-related information within the Intelligence, Defense and Law Enforcement Communities.
Goal 6: Culture: Promote a culture that supports and rewards initiative, creativity, diversity, and professionalism.
Goal 7: Business Process: Create open and flexible business processes that foster operational excellence and mission success. (U.S. Department of Homeland Security, 2006)
Primary objectives stated by the DHS Enterprise Strategic Plan are the following objectives:
1) Information and Collection Requirements: Build and continuously update the definitive list of Homeland Security Stakeholders' information and collection requirements, including Priority Intelligence Information Requirements (PIIRs) and Standing Information Needs (SINs.)
2) Collection Management: Build an integrated collection policy and structure for DHS. Provide collection management services to non-IC DHS components, and provide the linkage to DoD, IC, and law enforcement collection systems.
3) Collection Activities: Manage and expand departmental collection resources to more effectively support customer information needs. Improve efficiency and reduce duplication of DHS component collection resources through proper policy and oversight.
4) Reporting: Manage Homeland Security intelligence-related information reporting, seamlessly linking all levels of government and the private sector. Standardize DHS reporting and improve the ability of DHS components to report all relevant intelligence related information obtained through operations; and 5) Dissemination: Manage dissemination of DHS-origin reports throughout the Homeland Security Stakeholder Community, as well as dissemination of non-DHS origin reports to DHS components. (U.S. Department of Homeland Security, 2006)
Analysis and warning objectives include: (1) warning; (2) strategic analysis; (3) operational support; (4) alternative analysis; and (5) customized production. Sharing and management goals include the following objectives: (1) intelligence relation information sharing policy and implementation; (2) data access; (3) information management; (4) technology and tools. (U.S. Department of Homeland Security, 2006)
Objectives stated toward the fourth goal of 'mitigation, prevention and readiness' include the following objectives: (1) ensure a seamless DHS capability for support of the full scope of customers in all operating environments; (2) build partnerships that Homeland security stakeholder through development of an "integrated Homeland Security intelligence approach that will succeed and adapt to all operating environments and the transitions between them; Intelligence Leadership: During COOP / COG, NSSEs, and emerging incidents, be the intelligence provider of choice for all Homeland Security Stakeholders; (4) Counterintelligence: Consistent with legal authorities, establish measures to protect the Department against hostile intelligence and operational activities conducted by or on behalf of foreign powers or international terrorist activities. (U.S. Department of Homeland Security, 2006) Stated as mission advocacy objectives are: (1) establishment of priorities; (2) deployment of experts; (3) coordination of intelligence support; (4) strengthen activities in coordination of Homeland Security Intelligence projects between the DHS components, Intelligence, Law Enforcement and Defense Communities, leveraging relevant expertise; and (5) Outreach through ensuring customers of DHS are familiar with te abilities of DHS that meet the intelligence needs of the customers. (U.S. Department…