Department of Homeland Security (DHS) Secretary Kirstjen Nielsen emphasized the need for industry and government to consistently work together to thwart threats and defend critical infrastructure within an agenda of “relentless resilience,” during a speech on Nov. 16 at an event organized by the U.S. Chamber of Commerce.
“In New York [at DHS’ Cybersecurity Summit in July], I asked you all to sprint with us to take immediate progress on a core set of risk management initiatives. We’ve done that, … but the work does not stop here. Now we must move from that sprint to a relentless marathon. Government and industry must be in this for the long haul,” said Nielsen.
Nielsen started the speech by acknowledging President Trump’s signing into law of the Cybersecurity and Infrastructure Security Agency (CISA) Act earlier that day, and congratulating the leaders of the DHS component agency on the elevation of their operation.
“Our work together does not stop here. After all, CISA will be customer focused by design,” said Nielsen. “We are only successful if our private sector and state and local partners are successful.”
Nielsen highlighted four “core shifts” in defending critical infrastructure: strategic responses to nation-state attacks; embracing a cross-sector view of risks; focusing on underlying functions over systems; and embracing a culture of resiliency against a growing number of threats.
Expanding on the need for resiliency, Nielsen described how DHS is taking these shifts to heart.
“This philosophy is now central to the department’s approach for securing our homeland. We call it the relentless resilience agenda, and it’s about leaning in against today’s threats, while zooming out to prepare for those on the horizon” she added. “Such a culture is not just about bouncing back–it’s about bouncing forward, adapting and innovating even while under attack, and coming back stronger each time to stare down the next challenge more decisively than before.”
She pointed to early successes of the National Risk Management Center (NRMC) as an example, highlighting the efforts to identify national critical functions, create a supply chain risk management task force, and bring together a trisector working group of electricity, communications, and financial services providers.
“I’ve said it many times before, but it bears repeating: in this threat environment, and given our hyper-connectivity, if we prepare individually, we will fail collectively,” Nielsen said.