DHS Under Constant Cyber-Assault, Says New Chief Information Officer
Some are perpetrated by individuals, but many attacks originate in “rogue states,” said Richard Mangogna, who took the job last spring after a long career in the banking sector.
“We are being hit every day,” he told a National Defense Industrial Association homeland security executive breakfast. Why the attacks are increasing is uncertain, although he said it might be because of the upcoming change in administrations.
“We are taking some actions to deal with that,” he said. “Cyber-security is our number one priority.”
One of the steps includes reducing the number of gateways through which hackers can enter.
There are more than 1,000 such portals into DHS computer systems. He would like to cut that down to about 50, he said. DHS has also taken steps to curtail employees’ use of popular social networks and streaming video, he said.
Mangogna comes to DHS as a political appointee at the tail end of the Bush administration. With only 10 months guaranteed in his tenure, he believes he can make some positive changes before his appointment comes to an end in January.
Mangogna, who worked for the investment bank JP Morgan Chase, was involved in 17 major bank mergers over the course of 15 years, and oversaw 28,000 technologists in 26 countries, according to the DHS website. These were complex mergers that involved more personnel than DHS had when it combined its 22 federal agencies, he said.
Most of the mergers were completed within two years, but more than five years after its creation, DHS is still struggling to integrate its computer systems, he said.
Some of the software is 20 or more years old, he noted. One system dates back to 1965.
One change he is promulgating is the oversight of information system contracts. He described the junior members at the office as some of the best and brightest. They could be making more money in the private sector, but they are often motivated by patriotism. Nevertheless, he was “appalled” to discover that these less experienced staffers were overseeing major information technology contracts.
“It was one of the things obvious to me. That we give these huge contracts out — worth hundreds of millions of dollars — then we put a real junior person [to do oversight of the vendors]. It doesn’t make sense to me at all.”
Senior level staffers are now monitoring such contracts, he added.