Network Optimization Is a Key Focus of DHS CISO

By Lloyd McCoy, Market Intelligence Manager

At a recent summit (sponsored by immixGroup), DHS CISO Paul Beckman, discussed challenges related to network optimization and outlined the steps the agency is taking to ensure both security and operational efficiency.

DHS is taking a close look at its Security Operations Center (SOC) optimization, from maturity standards to contracting. The agency is also looking for “network monetization” through the GSA’s Enterprise Infrastructure Solutions (EIS) contract, in the form of regaining lost workforce hours through automation.

DHS has 16 “loosely federated security operation centers spread geographically throughout the entire country, with varying degrees of maturity.” Beckman’s challenge lies in how to bring them all up to the minimum baseline of security standards.

His first attempt, which focused on consolidation, “didn’t go over too well with my colleagues,” as neither cost effective nor beneficial, Beckman said. That’s when the effort shifted to optimization.

According to Beckman, the optimization process at DHS is broken into three components: Raising the levels of maturity standards in the 16 SOCs, identifying standardized tools and processes and streamlining contracting.

For the maturity component, Beckman and his team decided to “emulate” the DOD Cyber Security Service Provider model.

“We establish what those maturity standards need to be, and we audit you against those standards and see if you meet the mark,” Beckman explained. “If you do, you get certified as a center of excellence, capable of providing security monitoring as a service to anyone within DHS.” Audited organizations that do not meet those minimum standards would be required to go to one of the centers of excellence that did pass for help in improving.

The second part of the optimization process is identifying standardized tools and processes, which is an ongoing effort. “How do we analyze and mitigate risk? How do we do incident response? We need to standardize on processes and tools by which we do that,” Beckman explained.

The third piece is contracting. “I had eight contracts out there across the department for the eight agencies under DHS, all essentially doing the same thing,” Beckman explained. “It wasn’t an efficient way to consume security services. So, we will be consolidating all of those contracts into one and have one vehicle for SOC services.”

Getting Buy-in on Optimization

For Beckman, getting buy-in from DHS’s component organizations was an important lesson learned. “DHS is a unique organization. We have a lot of heavy players and it’s sometimes hard to get us marching to the beat of one drum,” he explained.

Beckman got buy-in through the optimization process by breaking out each of the three aspects of optimization into integrated product teams and assigning aspects of the process to the component agencies.

“I’ve got Customs and Border Protection running the tools and processes piece, I’ve got Immigration and Customs Enforcement running the maturity standards piece and I’ve got Secret Service running the contracts piece,” Beckman explained.

By giving the component agencies a vested interest in having them drive home their component, “they are able to develop it from the ground up and bring that to the enterprise level. So far that has been an extremely effective strategy for how we get that SOC optimization project up,” he said.

Keep up with the latest IT trends in government. Subscribe to immixGroup’s Government Sales Insider blog.

Are you planning on attending the Government IT Sales Summit on November 21? Learn more here.

This article was originally published in Washington Technology online magazine.