Category: United States Director of National Intelligence

Source: US Department of Homeland Security

With WWS Sector contributions, guide provides recommended actions and available resources throughout cyber incident response lifecycle 

WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Environmental Protection Agency (EPA) published a guide today to assist owners and operators in the Water and Wastewater Systems (WWS) Sector with best practices for cyber incident response and information about federal roles, resources and responsibilities for each stage of the response lifecycle. Technical expertise is not required to understand and use this guide.   

Developed in collaboration with over 25 WWS Sector industry, nonprofit, and state/local government partners, this resource covers the four stages of the incident response lifecycle:  

1. Preparation: WWS Sector organizations should have an incident response plan in place, implement available services and resources to raise their cyber baseline, and engage with the WWS Sector cyber community.  
2. Detection and analysis: Accurate and timely reporting and rapid collective analysis are essential to understand the full scope and impact of a cyber incident. The guidance provides information on validating an incident, reporting levels, and available technical analysis and support.   
3. Containment, eradication, and recovery: While WWS Sector utilities are conducting their incident response plan, federal partners are focusing on coordinated messaging and information sharing, and remediation and mitigation assistance.  
4. Post-incident activities. Evidence retention, using collected incident data, and lessons learned are the overarching elements for a proper analysis of both the incident and how responders handled it.  

“The Water and Wastewater Systems sector is under constant threat from malicious cyber actors. This timely and actionable guidance reflects an outstanding partnership between industry, nonprofit, and government partners that came together with EPA, FBI and CISA to support this essential sector. We encourage every WWS entity to review this joint guide and implement its recommended actions,” said CISA Executive Assistant Director for Cybersecurity, Eric Goldstein. “In the new year, CISA will continue to focus on taking every action possible to support ‘target-rich, cyber-poor’ entities like WWS utilities by providing actionable resources and encouraging all organizations to report cyber incidents. Our regional team members across the country will continue to engage with WWS partners to provide access to CISA’s voluntary services, such as enrollment in our Vulnerability Scanning, and serve as a resource for continued improvement.”  

“The Water and Wastewater Systems Sector is a vital part of our critical infrastructure, and the FBI will continue to combat cyber actors who threaten it,” said Assistant Director Bryan Vorndran of the FBI’s Cyber Division. “A key part of our cyber strategy is building strong partnerships and sharing threat information with the owners and operators of critical infrastructure before they are hit with an attack.”   

“Cyber threats to the water sector represent a real and urgent risk to safe drinking water and wastewater services that our nation relies on. The incident response guide assists utilities with approaches for collaboration with federal entities on lowering cyber risk in our nation’s drinking water and wastewater systems,” said EPA Assistant Administrator for Water, Radhika Fox. “EPA is committed to working with our federal, state, and water sector partners to increase the sector’s resilience and improve cyber-resilience practices.” 

All WWS utilities are encouraged to use this incident response guide to augment their incident response planning and collaboration with federal partners and the WWS before, during, and following a cyber incident. Familiarity with this guide will better prepare WWS utilities to respond to—and recover from—a cyber incident.  

For more information and resources, WWS utilities are encouraged to visit CISA’s Water and Wastewater Systems Cybersecurity webpage.  

Partners that contributed to this guide include:  

• AlexRenew  
• American Water  
• Association of State Drinking Water Administrators (ASDWA)  
• Center on Cyber and Technology Innovation (CCTI)  
• City of Dover  
• Cyber Readiness Institute (CRI)  
• Department of Homeland Security’s Office of Intelligence and Analysis 
• District of Columbia Water (DC Water)  
• Dragos 
• East Bay Municipal Utility District  
• EMA Inc.  
• Google/Mandiant 
• International Society of Automation (ISA)  
• Maine DHHS CDC Drinking Water Program 
• Microsoft  
• New Jersey Cybersecurity & Communications Integration Cell (NJCCIC)  
• Platte Canyon Water & Sanitation DistrictSan Francisco Public Utilities Commission (SFPUC) 
• Schneider Electric 
• Tenable  
• Tetra Tech  
• Trinity River Authority of Texas  
• Water Environment Federation  
• Water Information Sharing and Analysis Center (WaterISAC)  
• West Yost Inc.  
• Xylem 
• Individuals from American Water Works Association (AWWA) 

About CISA 

As the nation’s cyber defense agency and national coordinator for critical infrastructure security, the Cybersecurity and Infrastructure Security Agency leads the national effort to understand, manage, and reduce risk to the digital and physical infrastructure Americans rely on every hour of every day.

Visit CISA.gov for more information and follow us on Twitter, Facebook, LinkedIn, Instagram.

Source: US Department of Homeland Security

WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released, Cybersecurity Guidance: Chinese-Manufactured Unmanned Aircraft Systems (UAS), to raise awareness of the threats posed by Chinese-manufactured UAS and to provide critical infrastructure and state, local, tribal, and territorial (SLTT) partners with recommended cybersecurity safeguards to reduce the risk to networks and sensitive information. 

The People’s Republic of China (PRC) has enacted laws that provide the government with expanded legal grounds for accessing and controlling data held by firms in China. The use of Chinese-manufactured UAS in critical infrastructure operations risks exposing sensitive information to PRC authorities. This guidance outlines the potential vulnerabilities to networks and sensitive information when operated without the proper cybersecurity protocols and the potential consequences that could result.  

“Our nation’s critical infrastructure sectors, such as energy, chemical and communications, are increasingly relying on UAS for various missions that ultimately reduce operating costs and improve staff safety. However, the use of Chinese-manufactured UAS risks exposing sensitive information that jeopardizes U.S. national security, economic security, and public health and safety,” said CISA Executive Assistant Director for Infrastructure Security, Dr. David Mussington. “With our FBI partners, CISA continues to call urgent attention to China’s aggressive cyber operations to steal intellectual property and sensitive data from organizations. We encourage any organization procuring and operating UAS to review the guidance and take action to mitigate risk. We must work together to ensure the security and resilience of our critical infrastructure.”  

“Without mitigations in place, the widespread deployment of Chinese-manufactured UAS in our nation’s key sectors is a national security concern, and it carries the risk of unauthorized access to systems and data,” said Assistant Director of the FBI’s Cyber Division, Bryan A. Vorndran. “The FBI and our CISA partners have issued UAS guidance in order to help safeguard our critical infrastructure and reduce the risk for all of us.”   

Critical infrastructure organizations are encouraged to operate UAS that are secure-by-design and manufactured by U.S. companies. This guidance offers cybersecurity recommendations that organizations should consider as part of their UAS program, policies, and procedures.  

For more information, please visit CISA’s Unmanned Aircraft Systems Resources webpage.  

About CISA 

As the nation’s cyber defense agency and national coordinator for critical infrastructure security, the Cybersecurity and Infrastructure Security Agency leads the national effort to understand, manage, and reduce risk to the digital and physical infrastructure Americans rely on every hour of every day.

Visit CISA.gov for more information and follow us on Twitter, Facebook, LinkedIn, Instagram. 

Source: US Department of Homeland Security

WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA) released its fourth annual Year in Review showcasing CISA’s work to protect the nation from cyber and physical threats, while working to increase the resilience of critical infrastructure Americans rely on every day. The 2023 Year in Review reflects on the agency’s accomplishments across its broad cybersecurity, infrastructure security and emergency communications missions as the nation and the world adapted to technological advances, spillover from international events and other major events. In 2024, CISA will continue to develop and deliver tools, training, technical expertise and other resources to help our critical infrastructure partners increase their own resilience and defenses against evolving risks. 

“This Year in Review report demonstrates CISA’s exceptional work in 2023 to protect critical infrastructure,” said CISA Director Jen Easterly. “It not only celebrates our progress from the past year but also spotlights groundbreaking milestones and pioneering ‘firsts’ achieved by the agency. These efforts are a testament to and reflect the dedication of CISA’s workforce. Because of their commitment to the mission, the critical infrastructure systems that Americans rely on every day are more secure and resilient than ever.”  

In 2023, the CISA accomplishments included:  

• Promoting Secure by Design Principles. As part of an Administration-wide push to promote secure software development, CISA launched its Secure by Design campaign in April 2023. This effort strives for a future where technology is safe, secure and resilient by design by encouraging software manufacturers to take ownership of customer security outcomes. In October 2023, CISA and 17 U.S. and international partners published an update to a joint Secure by Design white paper on “Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Secure by Design Software.” Originally released April 13, 2023, this paper urges software manufacturers to revamp their design and development programs to produce only secure by design products. It also emphasizes three core principles: 1.) Take ownership of customer security outcomes, 2.) Embrace radical transparency and accountability, and 3.) Lead from the top. 
• Leading on Artificial Intelligence. CISA published its first Roadmap for Artificial Intelligence (AI) in November 2023, adding to the significant U.S. Department of Homeland Security and broader whole-of-government effort to ensure the secure development and implementation of AI capabilities. This Roadmap outlines a whole-of-agency plan to assess possible cyber-related risks to the use of AI, provide guidance to the critical infrastructure sectors that Americans rely on every hour of every day, and capitalize on AI’s potential to improve U.S. cyber defenses.   
• Reducing the Risk of Ransomware. In March 2023, CISA launched the Pre-Ransomware Notification Initiative, which measurably reduces risk by warning organizations of early-stage ransomware activity. Since the Initiative’s launch, the agency conducted more than 1,000 pre-ransomware notifications across a variety of critical infrastructure sectors and to partners abroad.  
• Encouraging Cyber Hygiene. In September 2023, CISA launched its Secure Our World program. Secure Our World is a new and enduring cybersecurity awareness program that emphasizes four simple cyber hygiene steps everyone should implement and continuously improve upon: 1.) Use Strong Passwords and a Password Manager, 2.) Turn On Multifactor Authentication, 3.) Recognize and Report Phishing, and 4.) Update Software. The campaign featured CISA’s first-ever public service announcement (PSA) and garnered significant public attention though outreach efforts including television, radio and billboard ads, podcasts, media coverage, social media and beyond.  
• Supporting Critical Infrastructure. CISA enhanced its engagement with “target rich, resource poor” organizations, including the Water and Wastewater Sector, K-12 Education Subsector, Healthcare and Public Health Sector and the Election Security Sector. In 2023, CISA completed more than 6,700 stakeholder engagements with government and private sector participants to share threat information and promote its cybersecurity services. 
• Enhancing Emergency Communications. In 2023, CISA accumulated new subscribers to CISA’s Priority Telecommunication Services (PTS) program which enables essential personnel to communicate when landline or wireless networks become degraded, congested or otherwise unavailable. The PTS program covers wireline communications under Government Emergency Telecommunications Service (GETS), wireless voice communications under Wireless Priority Service (WPS), and priority repair and installation of critical voice and data circuits under Telecommunications Service Priority (TSP). In 2023, GETS added 51,023 new subscribers, thanks in large part to focused outreach during the second annual Emergency Communications Month in April. In addition, WPS users increased by 283,357 subscribers. TSP also added restoration priority to 18,307 new circuits that support national security emergency preparedness missions. 
• Providing Resources to State and Local Governments. In 2023, CISA and the Federal Emergency Management Agency (FEMA) jointly implemented the State and Local Cybersecurity Grant Program (SLCGP). The SLCGP is a first-of-its-kind cybersecurity grant program specifically for state, local and territorial governments across the country.  In September 2023, CISA and FEMA announced the of Notice of Funding Opportunity for the Tribal Cybersecurity Grant Program, allocating $18.2 million to bolster cybersecurity among federally-recognized tribes.  
• Strengthening Regional Election Security Support. In 2023, CISA established dedicated election security advisors (ESAs) in each of its 10 regions to provide support and resources to promote secure elections. These ESAs work directly for CISA’s Regional Directors and with the agency’s cybersecurity and protective security advisors to ensure CISA’s capabilities and services are being optimally employed to meet the unique needs of each state or locality. 
• Improving Security for Chemical Facilities. CISA celebrated the second anniversary of its ChemLock voluntary program in November 2023. This program provides facilities possessing dangerous chemicals with tailored, scalable, no-cost services and tools to improve their chemical cyber and physical security posture. 

This digitally interactive 2023 Year in Review takes on a new look and feel, providing the reader with a brief snapshot of CISA’s accomplishments while linking back to corresponding CISA.gov webpages for a deeper dive into its programs and initiatives.  

Read the full Year in Review to learn more about CISA’s accomplishments and success stories from 2023. 

###

About CISA 

As the nation’s cyber defense agency and national coordinator for critical infrastructure security, the Cybersecurity and Infrastructure Security Agency leads the national effort to understand, manage, and reduce risk to the digital and physical infrastructure Americans rely on every hour of every day.

Visit CISA.gov for more information and follow us on Twitter, Facebook, LinkedIn, Instagram.

Source: US Department of Homeland Security

WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA) published a Request for Information from all interested parties on secure by design software practices, including the Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Secure by Design Software whitepaper, as part of our ongoing, collective secure by design campaign across the globe.  

To better inform CISA’s Secure by Design campaign, CISA and our partners seek information on a wide range of topics, including the following:  

• Incorporating security early into the software development life cycle (SDLC): What changes are needed to allow software manufacturers to build and maintain software that is secure by design, including smaller software manufacturers? How do companies measure the dollar cost of defects in their SDLC?  
• Security is often relegated to be an elective in education: What are some examples of higher education incorporating foundational security knowledge into their computer science curricula; When new graduates look for jobs, do companies evaluate security skills, knowledge, and experience during the hiring stage, or are employees reskilled after being hired? 
• Recurring vulnerabilities: What are barriers to eliminating recurring classes of vulnerability; how can we lead more companies to identify and invest in eliminating recurring vulnerabilities; how could the common vulnerabilities and exposures (CVE) and common weakness enumeration (CWE) programs help? 
• Operational technology (OT): What incentives would likely lead customers to increase their demand for security features; Which OT products or companies have implemented some of the core tenants of secure by design engineering? 
• Economics of secure by design: What are the costs to implement secure by design and default principles and tactics, and how do these compare to costs responding to incidents and breaches? 

“While we have already received a wide range of feedback on our secure by design campaign, we need to incorporate the broadest possible range of perspectives,” said CISA Director Jen Easterly. Our goal to drive toward a future where technology is safe and secure by design requires action by every technology manufacturer and clear demand by every customer, which in turn requires us to rigorously seek and incorporate input. The President’s National Cybersecurity Strategy calls for a fundamental shift in responsibility for security from the customer to software manufacturers, and input from this RFI will help us define our path ahead, including updates to our joint seal Secure by Design whitepaper.  

Co-sealed by 18 U.S. and international agencies, our recent Secure by Design guidance strongly encourages every software manufacturer to build products in a way that reduces the burden of cybersecurity on customers. More recently, CISA launched a new series of Secure by Design Alerts outlining the real-world harms that result from technology products that are not secure by design.  

With our partners, CISA encourages technology manufacturers and all interested stakeholders to review the Request for Information and provide written comment on or before 20 February 2024. Instructions for submitting comment are available in the Request for Information. The feedback on our current analysis or approaches will help inform future iterations of the whitepaper and our collaborative work with the global community.  

To learn more about Secure by Design, visit our webpage. Questions regarding the RFI can be emailed to SecureByDesign@cisa.dhs.gov. 

About CISA 

As the nation’s cyber defense agency and national coordinator for critical infrastructure security, CISA leads the national effort to understand, manage, and reduce risk to the digital and physical infrastructure Americans rely on every hour of every day. 

Visit CISA.gov for more information and follow us on Twitter, Facebook, LinkedIn, Instagram.  

Source: US Department of Homeland Security

Since 2021, Over 1,200 Students in 32 States Created Projects to help prevent targeted violence and terrorism in their communities

WASHINGTON – On Wednesday, January 24, the Department of Homeland Security’s (DHS) Center for Prevention Programs and Partnerships (CP3), hosted 27 students selected as finalists from three out of 18 universities and three out of 24 high schools who are developing innovative projects to help prevent targeted violence and terrorism in their communities. The students are finalists in Invent2Prevent (I2P), a contest launched in Spring 2021 that has seen more than 1,200 students participate from 119 universities across 32 states and Washington, D.C., and 138 high schools across 25 states.

Iowa State University, Ames, IA and North Panola Career and Technical Center, Como, MS were named the winners of the university and high school categories, respectively. These teams will use the resources to further advance and scale their initiatives and projects. Thirteen I2P teams have successfully continued their projects through the McCain Institute Sustainment Program, and four of those teams have secured additional funding through DHS CP3’s Targeted Violence and Terrorism Prevention (TVTP) Grant Program.

“Prevention is a community effort, and programs like I2P give young minds the opportunity to work together to take on the toughest challenges facing the world today,” said CP3 Director William Braniff. “The next generation of changemakers understand that acts of targeted violence and terrorism are often preventable, and they are helping their peers and their schools do just that. I am inspired by their work and their commitment to building safe and resilient communities.”

“The freedom that I2P gave us to choose a topic such as school shootings allowed us to make a TRUE impact towards preventing them and making real progress for mental health accountability,” said Kathleen Hepworth, Student at Iowa State University. “I’m grateful for their support all semester and their feedback and guidance was crucial to our project success.”

“Invent2Prevent has been very helpful and encouraging during our semester of work. They gave us a free space to express an important cause in our community,” said Keniya Davis, Student at North Panola Career and Technical Center. “Peer No Pressure had a very positive impact on our community and grabbed a lot of people’s attention. With us being able to amplify our message even more with the help of I2P, we are definitely making a change in the community.”

As part of a semester-long project, each team evaluated a current threat facing the nation, such as campus safety, cyberbullying, and violent extremism. The teams then created a program or tool to educate or build on the strengths of their community to decrease the likelihood of targeted violence and terrorism. During the final round of competition in Washington, D.C., students presented their projects for the opportunity to be awarded funding to carry-out their proposed initiatives. The students presented their projects to a panel of judges consisting of government officials and civil society leaders with expertise in the fields of protection and prevention, education, youth engagement, and mental health, along with past I2P student participants.

CP3 strengthens our country’s ability to prevent targeted violence and terrorism nationwide through funding, training, increased public awareness, and partnerships across every level of government, the private sector, and in local communities. CP3 seeks to ensure that the leaders of tomorrow play an active role in designing innovative solutions to build more resilient communities today through programs, such as Invent2Prevent.

Through the TVTP Grant Program, CP3 provides funding for state, local, tribal, and territorial governments, nonprofits, and institutions of higher education to establish or enhance their capabilities to prevent targeted violence and terrorism. In 2022, DHS awarded $20 million in TVTP Grants, of which more than $1 million has been awarded to amplify the impact of previous Invent2Prevent projects. For more information on the TVTP Grants Program, please visit www.dhs.gov/tvtpgrants.

“Invent2Prevent is a fantastic program that harnesses the creativity and enthusiasm of youth to support CP3’s public health approach to prevention,” said Brette Steele, Senior Director for Preventing Targeted Violence at the McCain Institute. “Our I2P students are at the forefront of innovation in the prevention field. Each semester, we look to them to help us develop solutions that resonate and build resilience in their respective communities. This semester we saw more creative ideas than ever before, and the competition to make it to D.C. was fierce. Congratulations to the finalist teams and to all the I2P teams on their hard work this semester.”

“These competitions are what we live for. There is nothing more exciting than to witness what these Invent2Prevent finalists have created,” said Tony Sgro, Founder and CEO of EdVenture Partners. “Each semester I am continually amazed by the level of student innovation. These students are addressing difficult issues that they are personally facing in their schools, on their campuses, and in their communities and they are providing credible, authentic solutions; it is pretty incredible. I have absolute belief that these young learners are tomorrow’s leaders.”

The three university finalists finished in the following order:

Iowa State University, Ames, IA
The Iowa State University team created MIND SPACE, an initiative that creates a connected, supportive community by providing educational resources that help others understand mental health and behaviors that destigmatize help-seeking behaviors, while offering a physical location where students can access mental health resources in privacy on campus. MIND SPACE was created to reduce the mental health stigma in academic settings and help prevent individuals from engaging in violence, and specifically school shootings. By fostering protective factors and a connected community, the initiative ensures bystanders feel confident in aiding those with mental health issues, while helping reduce social isolation for people experiencing mental health concerns.

Middlebury Institute for International Studies, Monterey, CA
The Middlebury Institute for International Studies team created Project Gravity, a SoftLanding GPT artificial intelligence (AI) powered chatbot that acts as a resource toolkit to help individuals whose loved ones could be on a path toward violent extremism. The Project Gravity chatbot is intended to provide resources and responses that give people the confidence they need to have difficult conversations. Project Gravity embraces a public health model of targeted violence prevention by reducing the attractiveness of violent narratives through resiliency building on individual, family, and community levels.

University of Nebraska, Lincoln, NE
The University of Nebraska, Lincoln (UNL) team created SafeSpace Nebraska, an initiative that focuses on enhancing the preparedness of college students for school shooting events. While school safety protocols have been actively promoted in high schools, this initiative is intended to address a lack of preparedness training on campuses. The project increases awareness of the “Run. Hide. Fight!” protocol in the UNL community. Through a variety of interactive tactics, including scenario-based training, SafeSpace Nebraska engages UNL students and staff to enhance their knowledge of what to do in the event of an active shooter situation on campus. Additionally, SafeSpace Nebraska advocates for university safety protocols to be added to all UNL class syllabi through the creation of a Change.org petition.

The three high school finalists finished in the following order:

North Panola Career and Technical Center, Como, MS
The North Panola Career and Technical Center team created Peer No Pressure, an initiative dedicated to providing students, ages 12-18, with a safe and supportive space to minimize bullying and peer pressure, through the use of peer-led discussions, engaging skits, and a mentorship program. Peer No Pressure seeks to rewrite the narrative on peer pressure and bullying, while cultivating an environment where peers’ voices matter and produce change. Peer No Pressure believes that by embracing empathy and fostering a culture of prevention, the resulting shared commitment to creating safe spaces and positive relationships can form a united front against bullying and peer pressure.

Burlington Township High School, Burlington NJ
The Burlington Township High School team created CTRL + ALT + DELETE Cyberbullying, where “Being a Bystander is Saying Bye to Your Standards,” an initiative to educate 5th grade students on how to identify, report, and stop cyberbullying. It was created with four goals in mind: 1) educate students about cyberbullying; 2) create a support group among students; 3) provide parents with knowledge and information; and 4) educate students on reporting acts of cyberbullying. The team partnered with the Burlington Township District guidance counselor and the Fountain Woods Elementary School head guidance counselor to bring this project to life. The team worked to create an in-person outreach that was both easy for teachers to implement and effective among their target audience.

Louisiana Youth Advisory Council, Baton Rouge, LA
The Louisiana Youth Advisory Council team wrote “Thao, Pradeep, and Carolina,” a children’s book meant to expose kindergarten students to new cultures. Each character in the book introduces their unique cultural holiday by talking about their favorite traditions and how they celebrate. By exposing and educating children about different cultures early in their schooling, the project seeks to prevent racism and othering in the future. By promoting inclusivity, this book is intended to encourage students to be open-minded to unfamiliar ideas and instill positive associations with those of different backgrounds beginning at a young age. This project was created with four goals in mind: 1) curtail discrimination against different cultures and races through exposure; 2) provide an opportunity for education and discussion; 3) introduce differences in culture at an early age to encourage children to welcome differences of others; and 4) create a more inclusive and embracing environment where children are more empathetic to their peers.

DISCLAIMER
Statements attributed to non-governmental organizations are for informational purposes only. References do not constitute an official endorsement of the organization, its work, or its product or services by the U.S. Department of Homeland Security or the Federal Government.

###

Source: US Department of Homeland Security

New Customer Experience Directorate has reduced public burden by 21 million+ hours in 2023 and improved delivery of Department’s services, resources and support

WASHINGTON – Following the second anniversary of President Biden’s Executive Order 14058 “Transforming Federal Customer Experience and Service Delivery to Rebuild Trust in Government,” the Department of Homeland Security (DHS) recognized significant strides toward improving customer experience (CX) and reducing the administrative burden on the American public in 2023 and pledged to build upon those improvements in 2024.

“More Americans interact with the Department of Homeland Security every day than with any other Department in the federal government, and our personnel are focused on ensuring our services, resources, and support are easily and readily accessible. That is why we established an office dedicated to improving customer experience,” said Secretary Alejandro N. Mayorkas. “We have made significant progress in modernizing our delivery of services through the use of new technologies and the talent, ingenuity, and dedication of our extraordinary personnel. Looking ahead, we will continue to improve the customer experience for the millions of individuals with whom we interact every day, while advancing equity, protecting individuals’ privacy rights and civil liberties, and increasing our openness, transparency, and accountability.”

In addition to announcing the permanent Customer Experience Directorate in September 2023, the DHS workforce has improved CX and reduced public burden in a variety of ways, including:

• Saving Customers’ Time: Forms to request services and benefits are getting faster and easier to use across DHS. The Department reduced public burden by 21,425,258 hours, exceeding its 20-million-hour goal, by making forms fully digital, pre-populating fields, and eliminating unnecessary fields.
• Making Services More Accessible for Customers: Most people applying for immigration benefits with USCIS can now go online to update addresses, reschedule biometric appointments, and track personalized processing times on select forms, eliminating the need to call in or fill out a paper form to take care of most basic tasks.
• Focusing on Disaster Survivors’ Specific Needs: Disaster survivors will have a faster, easier, and more streamlined digital way of applying for individual assistance at disasterassistance.gov. FEMA used customer feedback and user research to improve and redesign registration and intake processes, requiring disaster survivors to provide only information relevant to their individual needs.
• Streamlining Immigration Obligations: Noncitizens in immigration proceedings can now use the ICE Portal, a central, online way to manage and track their responsibilities, such as scheduling appointments, updating their addresses, and checking immigration court hearing information.
• Improving Travelers’ Experiences: TSA’s implementation of new identity verification technology for PreCheck^® passengers in 28 airports speeds up checkpoints while ensuring security.
• Automating Key Points in the Supply Chain: Vessel agents and ship operators will free up time using U.S. Customs and Border Protection’s transformed vessel entry and clearance process, which is now digital.  A transaction that used to take hours will now take just a few minutes and can be completed almost entirely online, when the system is fully deployed nationwide in FY 2024.
• Validating Improvements: This past spring, over 13,000 passengers in airports across the U.S. gave TSA feedback on its services, and the results measured high satisfaction with their experiences on the day they took the survey.
  • 93 percent overall Customer Satisfaction score.
  • 95 percent of passengers surveyed reported that interactions with officers were professional and respectful during the screening process.
  • 94 percent of passengers reported confidence in the ability of officers to keep air travel safe.
  • 91 percent of passengers experienced reasonable wait times with 89 percent waiting less than 15 minutes at their checkpoint.
  • 78 percent of passengers reported experiencing no challenges at their checkpoint.
• Embedding CX throughout the Department: DHS has hired more than 70 CX professionals, who are working across components to build and scale CX capacity.

The Customer Experience Directorate is in the Office of the Chief Information Officer to further advance CX as a Department-wide priority.

“Our workforce places customers at the center of everything we do,” said DHS Chief Information Officer Eric Hysen. “I am proud of the work our Customer Experience professionals do across the Department as we continue to implement President Biden’s customer experience vision.”

Earlier this year, DHS published its Burden Reduction Plan for FY24, which outlines the Department’s goal of eliminating an additional 10 million hours of public burden by September 30, 2024. Additionally, Secretary Mayorkas has tasked each Component with creating its own burden reduction strategies. All of these priorities are part of the new DHS IT Strategic Plan for 2024-2028, which includes a strategic goal of improving customer experience and transforming the delivery of DHS services.

To learn more about the Department’s progress to improve customer experience, please visit DHS’s CX website.

# # #

Source: US Department of Homeland Security

In first year of new process for workers supporting labor investigations and enforcement actions, DHS has protected over one thousand workers

DHS announces process for requesting renewal of deferred action for these workers

WASHINGTON – Through the enhanced process announced one year ago, the Department of Homeland Security (DHS), in partnership with the Department of Labor and other federal, state and local labor agencies, has protected over one thousand noncitizen workers who were victims of, or witnesses to, a violation of labor rights. This process to streamline and expedite consideration of workers’ deferred action requests has maintained DHS’s longstanding practice of using its discretionary authority to consider labor and employment agency-related deferred action requests for workers on a case-by-case basis.

These improvements advance the Biden-Harris Administration’s commitment to empowering workers and to improving workplace conditions by enabling all workers, including noncitizens, to more freely assert their legal rights. Fear of reporting violations due to immigration-based retaliation can create an unfair labor market and perpetuate the commission of unlawful and inhumane acts by employers, ranging from nonpayment of wages to imposing unsafe working conditions and chilling workers’ ability to organize and collectively bargain to improve their work conditions. Workers can visit DHS.gov for additional information and to submit requests.

“Noncitizen workers should never be afraid to report exploitation in the workplace or fear retaliatory actions from an abusive employer,” said Secretary of Homeland Security Alejandro N. Mayorkas. “No employer is above the law. DHS will work with our law enforcement partners to hold those who prey on the vulnerability of migrants accountable and provide protection to those who come forward to report abuse. Combatting labor exploitation helps ensure fair wages and safe working conditions for all workers in our country.”

DHS is announcing new guidance for noncitizen workers requesting a renewal of deferred action through these processes. A noncitizen granted deferred action based on a labor agency enforcement interest may request a subsequent period of deferred action for an additional two years when there continues to be an ongoing labor agency need. This will protect workers when the labor agency investigation or enforcement action has not yet concluded. DHS is also releasing information for labor agencies on how to provide updated statements describing the ongoing labor agency need.

Subsequent requests from workers must be accompanied by an updated statement from the labor agency explaining the continued need for workers to assist in their investigation or prosecution, or in the enforcement of any court order or settlement agreement.

Agencies tasked with enforcing labor and employment laws depend on the cooperation of these workers in their investigations and enforcement actions. DHS’s practice of offering discretionary protection on a case-by-case basis to workers increases the ability of labor and employment agencies to more fully investigate worksite violations and support those agencies in fulfilling their mission to hold abusive employers accountable through their enforcement actions.

Noncitizens can submit such requests to U.S. Citizenship and Immigration Services (USCIS) through a central intake point established specifically to support labor agency investigative and enforcement efforts. Learn about the process for workers and labor agencies.

###

Source: US Department of Homeland Security

During first in-person meeting of the Tribal Homeland Security Advisory Council, Tribal leaders from across the country shared perspectives on homeland security policies and practices that affect Tribal Nations and indigenous communities.

Last week, Secretary of Homeland Security Alejandro N. Mayorkas convened tribal representatives to discuss key challenges facing their communities, including the accessibility of Department of Homeland Security (DHS) grants, improving cyber resilience, and best practices to address the crisis of missing and murdered indigenous people. Subcommittees of the Tribal Homeland Security Advisory Council (THSAC) presented their recommendations to the full Council on ways the Department can address these challenges. This was the THSAC’s first in-person meeting since forming on September 7, 2022.   

The Subcommittee on Accessibility to DHS Grants recommended that DHS improve access to grant programs for tribes and tribal communities. Key policy recommendations from the committee include the establishment of a more accessible grant and application process with more flexibility and improving the consultation process with tribes to ensure grant priorities match the needs of tribal communities. The subcommittee also proposed a few legislative recommendations that would require Congressional action.  

The Subcommittee on Cybersecurity recommended that DHS improve accessibility to cybersecurity resources for tribes and tribal communities. Key recommendations included addressing the talent deficit of tribal cybersecurity professionals and providing equity assessments in rural regions to understand cybersecurity vulnerabilities in Tribal Nations. 

The Subcommittee on Addressing the Crisis of Missing and Murdered Indigenous People (MMIP) recommended that DHS improve its role in support of Executive Order 14053, which tasked the Department with providing support to federal partner agencies, including the Department of Justice, Department of the Interior, and the Department of Health and Human Services, with their efforts to combat the crisis of MMIP. Key recommendations include the creation of a secure, updated, and centralized Tribal Nation Platform for data collection and networking, and the consolidation of victim and survivor services under one platform to improve available resources.  

The Tribal Homeland Security Advisory Council enables Tribal leaders to advise the Secretary on homeland security policies and practices that affect Indian Country and indigenous communities, in areas including emergency management, law enforcement, cybersecurity, domestic terrorism and targeted violence, and border security. The Council engages with DHS agencies and offices to produce recommendations and reports for the Secretary. The Council is charged with collaborating on all matters of homeland security.  

The Tribal Homeland Security Advisory Council is one of four Councils of outside experts that provide advice and recommendations to the Secretary on matters related to various aspects of homeland security. The Faith-Based Security Advisory Council provides advice and recommendations to the Secretary and other senior leadership on matters related to protecting houses of worship, preparedness, and enhanced coordination with the faith community. The Homeland Security Academic Partnership Council provides strategic and actionable recommendations to the Secretary on campus safety and security, improved coordination, research priorities, hiring, and more. Members represent higher education associations, campus law enforcement, two- and four-year colleges and universities, Historically Black Colleges and Universities, Hispanic-Serving Institutions, Tribal Colleges, and Asian American and Pacific Islander-Serving Institutions. And the Homeland Security Advisory Council, comprised of private sector leaders, produced a record eight reports in 2023 for the Council on critical topics ranging from Customer Service to AI. These recommendations led to the development of new initiatives, like the Supply Chain Resilience Center, customer experience improvements across component agencies, and critical AI policy. 

To learn more about the Council, please visit https://www.dhs.gov/tribal-advisory-council. 

Learn more about the Biden-Harris Administration’s efforts to better support tribal nations.