NSA, DHS Deepen Cyber Relationships

The Defense Department and the Department of Homeland Security have breathed the same air on cybersecurity for seven years, but it's taken until today for the two executive branch departments to make their union official.

According to a memo made public today, DHS will assign a senior officer to the National Security Agency, and a "Joint Coordination Element" will be set up to coordinate Defense Department and Homeland Security responses to domestic cyber emergencies. The NSA will in turn provided support elements to DHS, and will move a dozen personnel to DHS's main cybersecurity response campus in Fairfax County, Virginia. DHS cyber cops and managers will be permanently stationed at the headquarters of Cyber Command, at Fort Meade in Maryland. Several DHS analysts will be detailed to the NSA's National Threat Operations Center, which is the intelligence community's cybersecurity warning center.

The goal is to "better protect against threat to civilian and military systems," a senior Defense Department official told reporters on a conference call. "The threats we face cross jurisdictional boundaries, and it's important that we bring together capabilities to respond as one nation."

The new cooperation will make it easier for the NSA to lend its expertise to emergency domestic cyber threats under the auspices of the Department of Homeland Security, rather than through direct contact with the private sector entity under threat, officials said.

"The U.S. just happens to have a lot of technical expertise at NSA, and we don't have the time or the money to build these capacities twice," the Defense official said.

A Homeland security official later said that cooperation between the two entities had been "too ad hoc" to date.

After Google disclosed that several of its critical servers were hacked in December, it asked the NSA for help. Under the new cooperation agreement, companies wouldn't have to circumvent DHS to get help. "DHS, already as a part of its mission space, does this," the homeland security official said.

Anytime the NSA is mentioned in conjunction with cybersecurity, red flags fly, because though the agency has the capacity to perform deep packet inspection on all traffic flowing in and out of the U.S., it does not have the legal authority to do so.

The senior officials repeatedly referenced "civil liberties and privacy," and said that the Joint Coordination Element will include staff to focus on those issues. Additionally, the deputy secretaries of Defense and Homeland Security will hold regular meetings to review the civil liberties and privacy impact of offensive or defense cyber actions. "All oversight mechanisms will continue," the DHS official said.

Last month, DHS released its National Cyber Incident Response Plan (NCIRP), the country's first. The department continues to implement an NSA-developed technology called Einstein 3 to actively detect malicious hacking and intrusions on dot.gov domains.