The US government’s Defense Innovation Unit (DIU) and Cybersecurity and Infrastructure Security Agency (CISA) will be working together to develop new cybersecurity applications. The two agencies have entered into a three-year information sharing agreement, and will also be coordinating their investments in new security technologies.
The DIU is part of the Department of Defense (DOD), and acts as an incubator for commercial technologies with national security applications. CISA, meanwhile, is located within the Department of Homeland Security (DHS), and is a civilian cybersecurity agency responsible for election security, amongst other things. The agencies are joining forces to better coordinate their national cybersecurity strategy and adopt a more consistent security posture at the federal level.
The partnership will specifically allow CISA to benefit from the DIU’s “other transaction” authority, which gives the agency the ability to integrate technologies from non-traditional defense contractors. The authority gives the DIU more regulatory flexibility when implementing new solutions, and makes it easier to keep pace with the rest of the cybersecurity industry.
“CISA is eager to see the procurement processes DIU has successfully developed in action and how it uses alternative procurement authorities and methods to quickly obtain commercial solutions to mission problems,” said CISA Innovation Hub Chief Sabra Horne.
“CISA and DIU have complementary missions and capabilities,” added DIU Cyber Director Jeff Kleck. “We will learn together about areas of common interest and how the domestic application of DOD capabilities can benefit the nation.”
The two agencies signed their memorandum of agreement on October 19. Potential areas of collaboration include incident response, the blockchain, the IoT, and identity and access management.
The DHS recently came under fire for a controversial policy proposal that would have dramatically expanded the agency’s ability to collect biometric data. The HSAC ultimately criticized the DHS for failing to explain the policy internally and to the general public.
The DHS has also acknowledged that poor cybersecurity practices were to blame for a CBP data breach in 2019.
December 18, 2020 – by Eric Weiss