Chris Krebs, the ex-director of the Cybersecurity and Infrastructure Security Agency, envisions far broader responsibilities for his former agency in the coming years.

As cyberattacks rise against U.S. industries and increasingly threaten economic security and public safety, Krebs sees a greater role for CISA helping industries protect themselves from hackers and possibly policing minimum cybersecurity requirements in highly critical sectors.

"I think that what you're seeing is a recognition across the senior levels of government that the status quo is not working right now, given the escalation in the threat landscape," he told me.

Krebs also advocated a funding increase for the cybersecurity agency to counter the rising threats, calling a $500 million budget boost suggested by Senate Majority Leader Chuck Schumer (D-N.Y.) and others "on track."

Krebs is now on the advisory board of cybersecurity company SentinelOne.

[Photo caption: Fired Cybersecurity and Infrastructure Security Agency Director Chris Krebs testifies before a Senate Homeland Security and Governmental Affairs hearing to examine baseless claims of voter irregularities in the 2020 election.]

CISA has grown considerably during the past few years as the cyber threat has exploded. During the first part of the Trump administration, it was a small agency little known outside the federal bureaucracy and officially still named the National Protection and Programs Directorate. By the end of President Donald Trump's term, it was among the most visible small agencies in government and played a key role in ensuring the 2020 election was protected against foreign hackers.

Krebs played a significant role in that reputational growth, publicly advocating for better cyber protections for voting machines and for states to retire outdated machines that lacked a verified paper trail.
Trump fired Krebs by tweet soon after the election for his insistence — along with other top government officials — that the outcome was valid and free of foreign interference, despite Trump's baseless claims his loss was fraudulent.

Yet, CISA has struggled to become the go-to agency for civilian cybersecurity in the government.

One challenge is many industry sectors that the Department of Homeland Security, CISA's parent agency, has deemed critical for national security have regulatory relationships with other parts of the government they're more comfortable working with. The focus on those sectors has ramped up recently with President Biden insisting to Russian President Vladimir Putin they should be off limits to hacking.

The Energy, Transportation and Health and Human Services departments, for example, have such relationships with energy, transportation and health-care firms.

Such ties might be useful when it comes to cyberthreats targeting complex sector-specific technology, such as the machines that operate dams, energy grids and some manufacturing, Krebs said.

But when it comes to the commercial IT that is the target of most cyberattacks, CISA should take the lead, he said.

Ransomware attacks, such as those that upended operations at Colonial Pipeline and the meat processor JBS, for example, target computer networks that are pretty uniform across companies.

"For ransomware, we're talking Windows-based machines. And there's no difference in a Windows-based machine in an energy sector company or a bank or critical manufacturer," Krebs said. "So I think we've got to have a center of gravity for civilian cyber security. That was always the concept behind CISA."

Krebs praised an unfolding process in which the Transportation Security Administration will partner with CISA on improving pipeline cybersecurity.
The first phase of that program — which was developed in response to the Colonial Pipeline ransomware attack — requires companies to alert CISA within 12 hours if a cyberattack disrupts their computer networks. Future phases probably will mandate that pipeline companies verifiably meet minimum cybersecurity requirements.

Such minimum requirements could be mandated in other critical industries as well, Krebs said, provided it's done in a nimble way such that the protections keep up with the threat.

"It's reasonable, I think, to conclude that the market has failed," he said. "I suspect there will be others to come that have to have a certain set of performance [standards]. The challenge is going to be whether these minimum standards are actually going to generate the security outcomes we want, or is it just going to become a compliance exercise? The devil's in the details here."

Krebs has continued since leaving government to defend top officials' conclusion the 2020 election was not undermined by foreign interference. That has included a regular stream of tweets combating claims by Trump supporters that President Biden's victory was illegitimate.

He declined to speculate on whether such false claims would damage faith in the outcomes of the 2022 and 2024 contests.

He pushed, however, for more government investment in election security, including ensuring almost all voting machines have voter-verified paper trails by 2022. Such paper trails make it highly unlikely hackers could change votes undetected.

More than 90 percent of votes in 2020 were cast with a paper record — up from about 80 percent in 2016. That percentage was artificially raised, however, because many people voted by mail during the pandemic in districts where in-person voting was still conducted on machines that lacked paper records.