The Department of Homeland Security’s (DHS) effort to consolidate its network and security operations centers into a Network Operations Security Center (NOSC) model will improve the agency’s continuity of operations efforts, CIO Karen Evans said today.
While the DHS mission has remained the same since its creation, Evans said that technological upgrades and innovation are pushing the agency to rethink some of its traditional models.
“The mission hasn’t changed, but the … technology has changed,” she said at the September 9 Billington CyberSecurity Summit. “So, with the changing of that technology and the opportunities of the promise of implementing that technology and really leveraging that – that’s where the priority is.”
The threat landscape, Evans continued, is an example of how things have changed. New innovations and iterations of technology come with new sets of complexities that DHS must work to protect – and that has changed the agency’s approach to risk management.
The NOSC model stems from some of the changes Evans noted. The agency is currently working on an analysis of its existing centers to adjust to how network and security operations has changed since it was first implemented. Under the old model, network operators were responsible for performing triage to assess the situation while security operators performed the analysis. Combining these forces will improve continuity of operations by removing the delay between the two teams.
“In a 24-by-seven operation, you can’t shut things down,” she said. “You’ve got to keep things going, but you have to collect information, you have to be able to pass it off.” The NOSC model, as Evans explained, allows for network and security steps to be completed without having to pause operations.