This document builds on the Department of Homeland Security's Quadrennial Homeland Security Review’s strategic framework by providing a clear path to create a safe, secure, and resilient cyber environment for the homeland security enterprise. With this guide, stakeholders at all levels of government, the private sector, and our international partners can work together to develop the cybersecurity capabilities that are key to our economy, national security, and public health and safety.
The Blueprint describes two areas of focus:
- Protecting the critical information infrastructure today. This focus concentrates attention on systems and assets within the cyber ecosystem that are vital to the United States. This information infrastructure can best be protected by reducing exposure to risk, ensuring priority response and recovery, maintaining shared cyber situational awareness, and increasing resilience.
- Building a stronger cyber ecosystem. This focus is designed to drive fundamental change in the way people and devices work together to secure cyberspace. This evolutionary change in the computing environment will be achieved by empowering individuals and organizations to operate securely, making and using more cyber protocols, products, services, configurations, and architectures, building collaborative communities, and establishing transparent processes.
The Blueprint is designed to protect our most vital systems and assets and, over time, drive fundamental change in the way people and devices work together to secure cyberspace. The integration of privacy and civil liberties protections into the Department's cybersecurity activities is fundamental to safeguarding and securing cyberspace.
These goals are supported by nine objectives. Each objective is dependent on a variety of capabilities that, when implemented, will work in tandem to effectively anticipate and respond to a wide range of threats. Some of the cybersecurity capabilities described in the Blueprint are robust and at work today, while others must be expanded. Still others require further research and development. All necessitate a collaborative and responsive cybersecurity community. The Blueprint also lists four goals for strengthening the cyber ecosystem:
- Empower individuals and organizations to operate securely
- Make and use more trustworthy cyber protocols, products, services, configurations and architectures
- Build collaborative communities
- Establish transparent processes
These goals are supported by eleven objectives, and depend on a broad set of capabilities, described in the Strategic Concept section of the Blueprint.