Tag Archives: Homeland Security

Homeland Security Overhauls Science And Technology (S&T) Directorate


DHS Science and Technologg


“The Department of Homeland Security is redesigning the technology accelerator it uses to fund and help commercialize new solutions.

The move shakes up an office seen as the department’s research and development arm, funding potential technologies to benefit not only DHS component agencies but the commercial world as well.”

“Department officials said late Monday that the Science & Technology Directorate will be reorganized into four offices working in tandem to focus on customer-centered products and help speed delivery to market to keep pace with emerging threats.

“We no longer have the luxury of time to do traditional R&D, so we must change if we are to get ahead of threats cycles and keep pace with rapid innovation,” William N. Bryan, who oversees the Directorate and is nominated to be Under Secretary for Science and Technology, said in a statement. “We are improving our R&D business practices to make it easier for industry, including the start-up community, to work with us.”
The S&T Directorate will be overhauled into four offices:

The Office of Mission & Capability Support, which will lead the bulk of S&T’s program management for borders, immigration, maritime, first responders, detection capabilities and physical and cybersecurity.

The Office of Engineering & Science, which will include operations and requirements analysis, systems engineering, standards, technology scouting, test & evaluation and transition.

The Office of Innovation & Collaboration will focus on industry and international partnerships and include such efforts as the Silicon Valley Innovation Program, Federally Funded Research & Development Centers, university programs and collaboration with national labs.

The Office of Enterprise Services, which will oversee S&T’s support functions such as administration, communications, finance and budget and the chief information office.
The redesign is intended to hone S&T’s focus on the technology and solution needs of DHS component agencies, but it also provides the office with more flexibility to shift resources and speed capability development.

“We are engaging our DHS acquisition colleagues earlier in the R&D process to help pave the way for a successful transition of capabilities to our customers as well as to the homeland security marketplace,” Bryan said. “Our emphasis is on clarity, transparency and staying open to new ideas. Scientific and engineering excellence is at the core of everything we do.”

The redesign plan involved a full analysis of its business and operational processes and leveraged 90 S&T employees to craft the new structure.

The office is known for supporting a range of solutions through research funding to benefit federal agencies, such as pilots for mobile phish-blocking technology, cyber forensics tools and other products.”


HS Private Sector Recruiting Contracts Once Again Likely to Yield Employee Criminal Behavior



HS Hiring Contracts

Photo: Customs and Border Protection


“The  federal government plans to pay private companies hundreds of millions of dollars to help two of its largest law enforcement agencies hire employees.

When Border Patrol used private companies to help hire new employees in the 2000s the number of Border Patrol employees charged with civil and criminal misconduct increased by 44 percent in the years following the hiring surge, the Associated Press reported last year.”

“Immigration and Customs Enforcement (ICE) plans to hire more than 16,000 new employees, including 8,500 deportation officers, according to the agency. Customs and Border Protection (Border Patrol) has already awarded almost $300 million to a private company that will help the agency hire 5,000 border patrol agents.

ICE and Border Patrol, both of which are part of the Department of Homeland Security, will pay the private companies a flat rate for every new employee hired, potentially incentivizing the companies to cut corners and not fully vet every candidate before they’re hired. As history has shown, this can have dangerous—even deadly—consequences.

When Border Patrol used private companies to help hire new employees in the 2000s, an agency official noted that the agency ended up hiring “people that would not previously have been considered for employment” because the companies were more concerned with getting paid than with finding good candidates. He wrote that, “These contractors have mandated efficiencies to protect their financial bottom line. This has resulted in decreased accuracy and overall quality of the BI [background investigations].”

As a result, the number of Border Patrol employees charged with civil and criminal misconduct increased by 44 percent in the years following the hiring surge, the Associated Press reported last year.

Similarly, dozens of ICE employees have been charged with criminal acts over the past ten years, which raises questions about the agency’s existing vetting standards for new employees.

Companies cutting corners when helping to hire federal employees extends to other agencies. In 2013, a military contractor who passed a background check by a private company to work for the Office of Personnel Management shot and killed 12 people at the Washington Navy Yard. The company had been aware of the military contractor’s criminal background prior to the mass shooting, but the company never reported it to the government. And the Justice Department later alleged that the company “deliberately” cut corners on background checks “to increase the company’s revenues and profits.”

To top it off, outsourcing the hiring process for government employees can also be illegal. Under federal regulations, the hiring of government employees is an “inherently governmental function,” meaning that using private companies to help hire federal government employees puts ICE and CBP in risky legal territory. For example, functions such interviewing candidates must be performed by government employees and not private companies.

When the Project On Government Oversight (POGO) reached out to ICE for comment, an ICE official said that federal employees—not private companies—will make all final hiring decisions.

In fact, shortly after POGO’s inquiry, ICE revised its original solicitation notice to private companies to specify that “certain parts of the federal government hiring processes are inherently governmental functions.” While the insertion of that language is a move in the right direction, it doesn’t mean that using private companies to help hire federal employees is without its risks. Multiple federal agencies, whether intentionally or not, have allowed contractors to perform inherently governmental functions in the recent past.

For example, in 2009, the Department of Defense Office of Inspector General foundthat an Air Force contractor essentially performed inherently governmental functions while government employees played only a “perfunctory” role in approving the contractor’s work. In 2014, the Department of Veterans Affairs Office of Inspector General found that a “lack of oversight allowed” a contractor to perform inherently governmental tasks. And in 2009, the Department of Homeland Security Office of Inspector General found that Border Patrol “did not clearly distinguish between roles and responsibilities that were appropriate for contractors and those that must be performed by government workers because of the rush to fill program management positions.”

Given the power an individual ICE or Border Patrol agent is entrusted with, as well as the disasters the federal government has already experienced as a result of the roles private companies have played in the hiring of federal employees, it’s imperative that all hiring of federal employees be performed by government employees. ICE and Border Patrol shouldn’t create more problems for themselves than they are trying to solve.”





DHS Science & Technology Directorate Leading the Way on Cyber Innovation


Homland Security Cyber Innovation

“FIFTH DOMAIN” By Chris Cummiskey

“One of the greatest impediments to taking innovative ideas and putting them into action is the federal acquisition process.

The Cybersecurity Division (CSD) R&D Execution Model has been utilized since 2004 to successfully transition over 40 cyber products with the help of private sector companies.”

“It isn’t often that the words innovation and government find their way into the same sentence. When they do, it is often to decry the lack of innovation in government practices. Silicon Valley and other corporate leaders have long lamented that the federal government just doesn’t seem to understand what it takes to bring innovation to government programs.

One office in the federal government is having an outsized, positive impact on bringing private sector innovation to government cybersecurity problem solving. The Cybersecurity Division (CSD) of the Science & Technology Directorate at the Department of Homeland Security has figured out how to crack the code in swiftly delivering cutting edge cyber technologies to the operators in the field. Some of these programs include: cybersecurity for law enforcement, identity management, mobile security and network system security.

The mission of CSD is to develop and deliver new technologies and to defend and secure existing and future systems and networks. With the ongoing assault on federal networks from nation-states and criminal syndicates, the mission of CSD is more important than ever.

CSD has figured out how to build a successful, actionable strategy that produces real results for DHS components. Their paradigm for delivering innovative cyber solutions includes key areas such as a streamlined process for R&D execution and technology transition, international engagement and the Silicon Valley Innovation Program (SVIP).

R&D Execution and Technology Transition

 As a former chief acquisition officer at DHS, I certainly understand why there needs to be federal acquisition regulations. The challenge is these regulations can be used to stifle the government’s ability to drive innovation. I am encouraged by the efforts to overcome these obstacles by federal acquisition executives like DHS Chief Procurement Officer Soraya Correa – who is leading the fight to overcome these hurdles.

Under the leadership of Dr. Doug Maughan, CSD has created a process with the help of procurement executives that swiftly establishes cyber capabilities and requirements with input from the actual users. They have designed a program that accelerates the acquisition process to seed companies to work on discreet cyber problems.  The model sets up a continuous process that starts with workshops and a pre-solicitation dialogue and ends with concrete technologies and products that can be utilized by the operators in the various DHS components. To date the program has generated cyber technologies in forensics, mobile device security, malware analysis and hardware enabled zero-day protections and many others.

International Engagement

Maughan often states that cybersecurity is a global sport. As such, many of the challenges that face the United States are often encountered first by other countries. Maughan and his team have worked diligently to leverage international funding for R&D and investment. CSD is regularly featured at global cyber gatherings and conferences on subjects ranging from international cyber standard setting to sharing R&D requirements for the global entrepreneur and innovation communities.

Silicon Valley Innovation Project (SVIP)

It seems like the federal government has been trying to get a foothold in Silicon Valley for decades. Every president and many of their cabinet secretaries in recent memory have professed a desire to harness the power of innovation that emanates from this West Coast enclave. One of the knocks on the federal government is that it just doesn’t move fast enough to keep pace with the innovation community. Maughan and the folks at CSD recognize these historic impediments and have moved deftly to build a Silicon Valley Innovation Project (SVIP) that is delivering real results. To help solve the hardest cyber problems facing DHS components like the Coast Guard, Customs and Border Protection, the United States Secret Service and the Transportation Safety Administration, SVIP is working with Silicon Valley leaders to educate, fund and test in key cyber areas. The program is currently focusing on K9 wearables, big data, financial cybersecurity technology, drones and identity. The SVIP has developed an agile funding model that awards up to $800,000 for a span of up to 24 months. While traditional procurement processes can take months, the SVIP engages in a rolling application process where companies are invited to pitch their cyber solutions with award decisions usually made the same day. The benefits of this approach include: speed to market, extensive partnering and mentoring opportunities for the companies and market validation.


Moving innovative cyber solutions from the private sector to the federal government will always be a challenge. The speed of innovation and technological advancement confounds federal budget and acquisition processes. What Maughan and CSD have proven is that with the right approach these systems can complement one another. This is a huge service to the men and women in homeland and cybersecurity that wake up every day to protect our country from an ever-increasing stream of threats.”



Chris Cummiskey is a former acting under secretary/deputy under secretary for management and chief acquisition officer at the U.S. Department of Homeland Security.

DHS And Justice Spend $95 Million on Secret Cellphone Tracking Technology


Image: ” CBS Los Angeles”


“They own more than 400 cell-site simulators that can be used to zero in covertly on the locations of cellphones.

Cell-site simulators mimic cell towers to trick cellphones to connect to them, enabling investigators to obtain identifying information about the phones and their locations.

A report released Monday by the House Oversight and Government Reform Committee reveals a tally of how many cell-site simulators federal agencies own and recommends that lawmakers adopt a national standard to govern use of the devices by local and federal law enforcement agencies.

With 194 cell-site simulators, the FBI has the most of any of the agencies identified as owning the devices, which often are referred to by brand names including Stingray or Hailstorm.

The U.S. Marshals Service has 70; U.S. Immigration and Customs Enforcement has 59; U.S. Customs and Border Protection and the Drug Enforcement Administration each has 33; U.S. Secret Service has 32; the Bureau of Alcohol, Tobacco, Firearms and Explosives has 13; the Internal Revenue Service Criminal Investigations division has two; and the Treasury inspector general has one.

The report does not indicate the specific types of devices the agencies have but lists the costs of the individual devices purchased as $41,000 to $500,000.

Law enforcement officers often deploy the suitcase-sized devices by hauling them in vehicles as they drive through neighborhoods looking for suspects’ phones, scooping up data on cellphones of passers-by in the process.

Homeland Security and Justice adopted policies in 2015 requiring law enforcement to obtain warrants in most cases before deploying cell-site simulators, but the report notes that there is no standard policy on the use of the devices by local authorities and recommends that federal lawmakers enact legislation to create a national framework for legal use.

“Congress should establish a legal framework that governs government agencies, commercial entities, and private citizens’ access to and use of geolocation data, including geolocation data obtained by the use of a cell-site simulator,” reads the report, written by Reps. Jason Chaffetz, Utah Republican, and Elijah E. Cummings, Maryland Democrat.

In the meantime, the 36-page report suggests that Homeland Security and Justice require agencies seeking cell-site simulators to adhere to federal guidelines before approving the purchase and use of the devices. The FBI already requires agencies to sign nondisclosure agreements before approving their purchases

The report also suggests that nondisclosure agreements — which have required prosecutors to abandon criminal charges rather than disclose local police use of cell-site simulators — should be eliminated altogether.

“Nondisclosure agreements should be replaced with agreements that require clarity and candor to the court whenever a cell-site simulator has been used by law enforcement in a criminal investigation,” the report states.

The report does not indicate how many local law enforcement agencies have cell-site simulators, but it states that the Homeland Security Department identified more than $1.8 million in grant money it provided to state and local law enforcement to purchase such technology.”



Homeland Security Must Manage Risk – Not Events




“The department’s mitigation programs, relationships with states and localities, and emerging analytic capability make it the ideal hub for a risk management mission.

The DHS isn’t doing its job because it doesn’t know what its job is.

Rather than combating terrorism, the department should refocus its mission around combating risks of all kinds.

It was created as a mishmash of 22 disparate agencies in the rush to respond to the Sept. 11 attacks. Congress and the president created the department with the explicit mission of preventing terrorism, but they included unrelated agencies that needed a home, while other important terrorism- or disaster-related agencies were left out.

Today, the department’s management spends much of its precious time responding to the headline of the day across multiple missions of protecting the border, preparing for natural disasters, and managing airport screeners. Its frontline employees don’t fare any better — the agency routinely tops the list of worst places to work in government. Fortunately, the department can do better. Public administration scholars have found that one of the best ways to improve job satisfaction is to make missions and goals more clear and less ambiguous.

Fixing the department requires jettisoning the holding company model and leaving the job of curbing terrorist threats to the Department of Justice, which houses the FBI. Without terrorism at the center, the agency can refocus on assessing and reducing an array of risks for natural and technological disasters. For any particular threat, such as terrorism or hurricanes, risk is a function of the probability of the threat multiplied by the potential consequences.  That sounds simple enough, but if done correctly it could transform how we prepare for disasters and make the country safer.

Right now, the DHS manages siloed programs to prepare for many different kinds of threats. But it is difficult to prioritize investments across different threats over time. A reformed department would compare the risks posed by hurricanes, forest fires, tornadoes, radiological “dirty bombs,” and cyber attack. Some defenses, such as concrete barriers, can reduce the damage caused by both floods and terrorism. The department could also assess risks over time. Investing in mitigation, or reducing the damage caused by disasters before they happen, is cheaper than coming to the rescue after a disaster. A report from the Multihazard Mitigation Council found that mitigation saves society an average of $4 saved for every $1 spent. It is difficult to convince politicians and department leaders to spend  money on mitigation, however, because they cannot easily take credit for helping to prevent a disaster that never happened, or that might not happen on their watch.

The DHS’ disaster management arm, FEMA, already offers grants to states and localities to build mitigation programs. But these programs are modest, and FEMA employees make up less than two percent of the department. Extending the mission of FEMA’s modest mitigation directorate would reorient the department around illustrating what risks society faces and what investments would reduce them. There is much work to be done. Convincing cash-strapped jurisdictions to spend money on mitigation requires evidence that the cost is worth it.

Some department officials say that they are already doing risk management. When compared with the careful forecasts of the National Oceanic and Atmospheric Administration or the exhaustive reports of the General Accountability Office, however, DHS products come up short. Building on analytic capacity from other agencies and the privacy sector could make the DHS the government face for information about risk.

For all the complaints that cities make about the department, the DHS has closer ties to cities and states than do most of the expert science agencies in the federal government. DHS border agents work closely with state and local police, and FEMA operates grant programs with every state and many counties. The department’s connections to the street level could be significantly enhanced with a sharper focus on risk management that leverages these existing relationships.

A reinvigorated DHS would leave chasing terrorists to better equipped agencies, jettisoning the ostensible reason for the department’s creation. Its new and expanded mission of assessing, illustrating, and reducing risks of disasters of all kinds is better suited for the 21st century. The world may not be more dangerous than it was in the last century, but it is more complex.”


Huge Procurement Budgets In Justice & Homeland Security


Law Enforcement Budgets


“Federal IT is converging in a number of meaningful ways, and identifying plays within cloud and cybersecurity is a must for every IT company in the federal market.

It is more important than ever to understand the network of relationships between systems integrators and their federal customers.

Working with a distributor who understands the changing landscape of the federal market will help you get your products in the hands of government agencies by driving demand creation and lead generation.

The trend toward transformation across the government aims to increase automation, share information within and among agencies, and move to paperless systems for applications and documentation.

The transformational push will mean greater use of the cloud for data and applications. This is particularly true among law enforcement agencies. The proposed fiscal 2017 budget suggests more opportunities across the federal law enforcement community for IT solutions targeted towards cloud and open source technologies.

At the same time, increased use of these technologies also means increased concerns about information security. Consequently, agencies are not only looking for open source technology and cloud implementations; they continue to look for ways to improve the security of their IT infrastructure and associated data.

Let’s look at how agencies are piloting and rolling out new types of cloud computing technologies, leveraging open-source and open-standard solutions, and expanding cybersecurity in their IT environments.

Department of Justice

DOJ’s 2017 IT budget is $2.8 billion, with significant money being spent on legacy IT investments. Legacy IT at Justice isn’t all old systems, as DOJ has long worked to provide information to other law enforcement entities via a law enforcement community cloud. Cloud efforts, alongside concern about insider threat prevention, should be key go-to-market approaches for IT companies looking to target the department.

The National Data Exchange Program (N-DEx), which DOJ is funding to the tune of $26 million in 2017, is a key example of the department’s law enforcement community cloud. N-DEx is populated primarily by federal law enforcement groups and makes that information available to state, local, and tribal authorities. Expansion efforts this year include connection with additional law enforcement systems and continued system performance enhancements and tech refreshes. Expect to see a new focus on ways to integrate data and information from disparate sources over the remaining year.

DOJ’s IT security investment will fund many of the department’s tools to protect internal systems from external threats, and to mitigate the risk from malicious actors within DOJ’s networks. The $200 million in cyber spending is increasingly centralized at DOJ’s headquarters, but the FBI retains some autonomy in cybersecurity spending.

For those prospecting within IT security, keying in on some of the application refreshes going on at bureaus like the Drug Enforcement Administration, the U.S. Marshals Service, and the Bureau of Prisons, These DOJ subagencies will provide an avenue to sell more software assurance-focused cyber tools into the department.

Department of Homeland Security

DHS’s IT budget request for fiscal 2017 is nearly $6.5 billion, up nearly $300 million from the 2016 request. Most of the department’s $1.2 billion development, modernization, and enhancement budget (DME – think money for new projects and programs) is going to the National Protection and Programs Directorate, with significant new money also being spent at U,S. Citizenship and Immigration Services and Customs and Border Protection..

Continuous diagnostics and mitigation (CDM) continues to be a focus in IT cybersecurity spending. The fiscal 2017 request for CDM is $275 million, an increase over the 2016 request.

The goal of Phase 1 of CDM was answering the question “What is on your network?” The program is now moving into Phase 2, with solicitations scheduled for release in the second quarter of 2016. This phase is all about “Who is on your network?” and ensuring more consistent account and privilege management. Getting access to CDM dollars means working with the prime vendors that have already won contracts working with federal agencies.

Another prominent DHS IT investment is the National Cybersecurity & Protection Systems, NCPS (more commonly known as Einstein), which is intended to protect the .gov domain from malicious attacks. DHS will spend over $470 million on Einstein in 2017. This combination of hardware and software sits in Internet Service Providers’ data centers in “Einstein enclaves.”

It is important to note that a recent GAO report criticized Einstein’s defenses, noting that the program does not stop many well-known vulnerabilities. This year, program leaders will be planning and designing advanced visual analytics, automated reports, and enhanced data management.

Raytheon won a major contract, DOMino, to support the sustainment and operations of Einstein. IT companies seeking to support the NCPS mission will need to work with Raytheon and NCPS leadership to supply the next generation of cybersecurity tools.

Finally, we have the DHS Transformation program with spending of $173 million. This program is the U.S. Citizenship and Immigration Services’ effort to move from paper-based to paperless applications for immigration. Transformation is a long-running investment for USCIS. Beset by issues in the past, current CIS leadership has resurrected the program with quick, iterative releases that provide incremental functionality updates to keep the initiative on track. IT companies that can incorporate open source functionality to the Transformation program will likely find ready ears within USCIS.”


Who’s In Charge of What If Massive Cyber Attack Strikes Nation?


Image: Veterans Today .com


“The Department of Homeland Security has the lead in responding to most cyber attacks.

But if one were to occur today, DHS and the Defense Department wouldn’t know all the details of who is in charge of what.

The Department of Defense Cyber Strategy, published in April, carves out a clear role for the military and Cyber Command in responding to any sort of cyber attack of “significant consequence,” supporting DHS.

Specifically, the strategy tasks the 13 different National Mission Force teams, cyber teams set up to defend the the United States and its interests from attacks of significant consequence, with carrying out exercises with other agencies and setting up emergency procedures. It’s the third strategic goal in the strategy. It’s also “probably the one that’s the least developed at this – at this point,” Lt. Gen. James K. McLaughlin, the deputy commander of U.S. Cyber Command, said at a Center for Strategic and International Studies event last month.

He went on to describe the role that the military would play in such an event as “building the quick reaction forces and the capacity to defend the broader United States against an attack.” It’s something that the Defense Department, the Department of Homeland Security and the FBI and other agency partners all train for together in events like the Cyber Guard exercises, the most recent of which took place in July. The Defense Department, DHS and others worked through a series of scenarios related to a major attack on infrastructure.

McLaughlin described it as helpful in clarifying the difficult legal and policy issues that rear up when U.S. troops are brought in to perform some military operation on U.S. soil. But that doesn’t mean that all the kinks were ironed out.

“I think we feel comfortable that if one of those events happened today you’d see the right discussion about the sort of the political leadership, you know, has this reached that threshold? To be honest, it will never be black and white, have a perfect recipe … we have a structure within the government to have that discussion, and the ability for a request to come forward where U.S. Cyber Command forces would go.”

A structure to have a discussion is a bit different than a clear sense of who is in charge of what when the power goes out.

Army Brig. Gen. Karen H. Gibson, deputy commanding general of Joint Force Headquarters-Cyber at United States Army Cyber Command, essentially reiterated that point when Defense One caught up with her at the AUSA conference last month. When asked if there existed a specific doctrine that spelled out the leadership roles for the Defense Department and for DHS in event of an attack of significant consequence, she said “There are a number of exercises to work through those very issues and how do we leverage the National Guard to help? It is a high priority and they are working it but I don’t think there’s a ‘Hey, here’s the solution,’ yet. It’s just a high priority.”

One of the various legal considerations muddying the prospect of a clear strategy could be laws related to posse comitatus, which forbid anyone to use “any part of the Army or the Air Force as a posse comitatus or otherwise to execute the laws,” except “under circumstances expressly authorized by the Constitution or Act of Congress.”

This kind of attack is a perennial boogeyman, but the actual likelihood of a digital sneak attack that rises to the level of “significant consequence” is harder to pin down. In his novel Ghost Fleet, a fictional account of World War III, strategist Peter Singer makes a convincing argument that a cyber-physical attack is most likely to occur as part of hostilities already underway, not as a first strike.

Keith Alexander, retired Cyber Command commander, struck a more Panetta-ish tone in testimony before the Senate Armed Services Committee Tuesday and painted an attack as imminent.

“We have to expand our outlook on what cyber can do to our country…Practically speaking, an adversary is going to go after our civilian infrastructure first,’ he said. “When you talk about total war, taking the will of the people out to fight, we’re seeing some of the things going on today. Take down the power grid and financial sector and we are isolated… It’s a new way of thinking about warfare where our nation is at risk. In the past we could easily separate out the military to overseas… in this area you can’t do that because the first thing they’re going to go after is our civilian infrastructure…And it’s going to escalate orders of magnitude faster than anything we’ve ever seen.”

However unlikely, were such an attack to occur today, the question of who is in charge of what remains somewhat open.”