The Department of Homeland Security has announced a new cyber “risk management” initiative — promoted heavily at DHS’s recent cybersecurity summit — and now, industry sources are watching to see whether this becomes a consequential policy step, a public relations exercise, or perhaps some of both.
“What problem are they trying to solve?” one cyber policy veteran asked skeptically, suggesting the effort to stand up a National Risk Management Center will amount to little more than glitzy paper wrapped around existing programs.
Homeland Security Secretary Kirstjen Nielsen announced the new risk center during the July 31 National Cybersecurity Summit in New York City, drawing support from industry but also questions.
Nielsen said the department is taking a systemic approach to identifying, analyzing and responding to cyber risk with an initial focus on the financial, energy and communications sectors — so-called lifeline industries where a cyber attack could have devastating impacts on the U.S. population and economy.
In an internal Aug. 3 memo, DHS Under Secretary Christopher Krebs explained of…
