At its National Cybersecurity Summit in late July, the Department of Homeland Security unveiled its new National Risk Management Center, which will coordinate national efforts to protect U.S. critical infrastructure.
According to a DHS release, the NRMC will create a cross-cutting risk management approach across the federal government and private sector partners through three lines of effort:
- Identifying and prioritizing strategic risks to national critical functions;
- Integrating government and industry activities on the development of risk management strategies; and
- Synchronizing operational risk management activities across industry and government.
DHS says that the Center will work closely with the National Cybersecurity and Communications Integration center (NCCIC), which will remain DHS’s central hub for cyber operations. The NMRC will run simulations, tests and cross-sector exercises, and it will serve as a sort of 911 resource for local, state, federal and private organizations in cybersecurity crisis.
“We are not waiting for the next intrusion before we act,” says DHS Secretary Kirstjen Nielsen. “We are taking a clear-eyed look at the threat and taking action – and notably – collective action to combat them.”
Bob Kolasky, acting assistant secretary for infrastructure protection at DHS’s National Protection and Program Directorate, has been named director of the NRMC.
The move has been broadly welcomed by cybersecurity professionals. Francis Dinha, CEO and co-founder of OpenVPN, told Security: “The most promising aspect of the new cybersecurity initiative is the emphasis on understanding. It’s clear they’ve made it a top priority to actually understand the current potential threats, which is the only way to practically move towards greater cybersecurity for our country.”