January 26, 2015 | Issue Brief on National Security and Defense
Several weeks ago, President Barack Obama announced that the Department of Homeland Security (DHS) would provide work authorization and protection from deportation to as many as 5 million unlawful immigrants. While Heritage has written on the harm done by the President’s executive actions to the U.S. immigration system and the rule of law, another serious side effect is the harmful redirection of attention and resources away from pressing homeland security issues ranging from terrorism to emergency preparedness to institutional reform at DHS. In order to implement the President’s sweeping order, DHS Secretary Jeh Johnson and other leaders at DHS will simply not have the time, money, manpower, or trust of Congress to make important reforms to these other areas of critical importance. It falls to Congress to correct these misplaced priorities.
One important area where DHS needs to do more is cybersecurity. DHS is directly or indirectly responsible for large segments of federal cybersecurity as well for supporting private-sector cybersecurity measures. With cyber attacks and threats on the rise, Congress should call on DHS to focus more on making the U.S. more secure in cyberspace.
In the past year, numerous high-profile hacks of private companies, as well as of government agencies, have kept cybersecurity in the public eye. Even more worrying are reports pointing to various sectors of critical infrastructure being penetrated by nation-state hackers. To better defend all users from cyber attacks and cyber espionage, DHS should be dramatically expanding its ability to engage with the private sector and retain a highly skilled workforce. With DHS’s focus elsewhere, Congress should push DHS to improve in several areas.
In defending and justifying the President’s executive action on immigration, Secretary Johnson talked about the need to prioritize scarce resources for immigration enforcement. With DHS’s leadership now focused on implementing and defending the executive action, it has implicitly prioritized the President’s executive action over other important homeland security issues. Congress must refocus DHS’s efforts to make the U.S. more cyber-secure.
—David Inserra is a Research Associate for Homeland Security and Cybersecurity in the Douglas and Sarah Allison Center for Foreign and National Security Policy, a division of the Kathryn and Shelby Cullom Davis Institute for International Studies, at The Heritage Foundation.
 Douglas Ernst, “Russian Hackers’ ‘Trojan Horse’ Malware Inside U.S. Critical Infrastructure Since 2011,” The Washington Times, November 6, 2014, http://www.washingtontimes.com/news/2014/nov/6/russian-hackers-trojan-horse-malware-inside-us-cri (accessed January 22, 2015), and “Operation Cleaver,” Cylance, 2014, http://www.cylance.com/assets/Cleaver/Cylance_Operation_Cleaver_Report.pdf (accessed January 22, 2015).
 David Inserra and Paul Rosenzweig, “Cybersecurity Information Sharing: One Step Toward U.S. Security, Prosperity, and Freedom in Cyberspace,” Heritage Foundation Backgrounder No. 2899, April 1, 2014, http://www.heritage.org/research/reports/2014/04/cybersecurity-information-sharing-one-step-toward-us-security-prosperity-and-freedom-in-cyberspace.
 U.S. Department of Homeland Security, “Budget-In-Brief FY 2015,” 2014, p. 97, http://www.dhs.gov/sites/default/files/publications/FY15BIB.pdf (accessed January 22, 2015).
 U.S. Government Accountability Office, “IT Supply Chain: National Security-Related Agencies Need to Better Address Risks,” GAO–12–361, March 2012, http://www.gao.gov/assets/590/589568.pdf (accessed January 22, 2015).
 David Inserra and Steven P. Bucci, “Cyber Supply Chain Security: A Crucial Step Toward U.S. Security, Prosperity, and Freedom in Cyberspace,” Heritage Foundation Backgrounder No. 2880, March 6, 2014, http://www.heritage.org/research/reports/2014/03/cyber-supply-chain-security-a-crucial-step-toward-us-security-prosperity-and-freedom-in-cyberspace#.
 U.S. Government Accountability Office, “Federal Facility Cybersecurity: DHS and GSA Should Address Cyber Risk to Building and Access Control Systems,” GAO–15–6, December 2014, http://www.gao.gov/assets/670/667512.pdf (accessed January 22, 2015).
 U.S. Government Accountability Office, “Maritime Critical Infrastructure Protection: DHS Needs to Better Address Port Cybersecurity,” GAO–14–459, June 2014, http://www.gao.gov/assets/670/663828.pdf (accessed January 22, 2015).
 U.S. Department of Homeland Security Office of the Inspector General, “Domestic Nuclear Detection Office Has Taken Steps to Address Insider Threat, But Challenges Remain,” OIG–14–113, July 2014, http://www.oig.dhs.gov/assets/Mgmt/2014/OIG_14-113_Jul14.pdf (accessed January 22, 2015).
 Partnership for Public Service, “The Best Places to Work in the Federal Government: National Protection and Programs Directorate (DHS),” 2015, http://bestplacestowork.org/BPTW/rankings/detail/HS20 (accessed January 22, 2015).