facebook linkedin twitter

Aspen Cyber Summit Explores Collective Defense in a Digital World

September 29, 2021 by Victoria Turner
Jen Easterly, Director, Cybersecurity and Infrastructure Security Agency

WASHINGTON — The Cybersecurity Infrastructure and Security Agency has met President Biden’s cybersecurity executive order’s “highly aggressive deadlines so far,” but there is “still a lot of work to do,” said CISA Director Jen Easterly Wednesday. 

Kicking off the 6th annual Aspen Cyber Summit, Exploring Collective Defense in a Digital World, Easterly said she has identified four areas “to put out resources” to cyber-defend the nation: culture and talent, federal cybersecurity, critical infrastructure security, and partnerships. 

The newest federal agency under the U.S. Department of Homeland Security has been given an array of new responsibilities through the 2021 National Defense Authorization Act and $650 million from the American Rescue Plan in order to complete its mission of securing the nation’s physical and digital infrastructure, Easterly said.

To do so, Easterly stated that the agency first needs to transform itself into the “agency the nation deserves” by establishing a culture of inclusion, transparency, collaboration, ownership and empowerment in order to attract and retain a strong, diverse cyber workforce. 

“I believe diversity of thought, background and experience helps you solve the hardest problems much quicker,” she said, pointing out CISA will be awarding grants to nonprofits for underserved communities to this end, but also to build “cyber..and digital resilience.” 

The latter, she explained, means training people to protect themselves online from “K through grey,” which “at the end of the day…it’s thinking before you click” and implementing steps like multi-factor authentication. According to Easterly, an industry study showed that accounts with MFAs had 99% less chance of being hacked. 

The second major area of concern is federal cybersecurity, she said, with lawmakers looking to reform the 2014 Federal Information Modernization Act as part of an effort to modernize the federal government. 

FISMA reform, she said, should be used to “codify CISA’s role as the operational lead for federal cybersecurity.” 

Within the nation’s critical functions and infrastructure sectors, she said, “everything is connected, everything is interdependent, everything is vulnerable.” This means there is a lot of emphasis across the board on establishing performance goals. For example, she said, the close collaboration with energy, water, wastewater and chemical pipeline companies as CISA works with the White House on their 100-day sprint to secure the U.S. power grid

But 85% of the U.S. infrastructure is operated by the private sector, she pointed out. This comes down to partnerships among federal, state. local governments and private industry, which led to the creation of the Joint Cyber Defense Collaborative.

Specifically, the JCDC will:

  • Design and implement comprehensive, whole-of-nation cyber defense plans to address risks and facilitate coordinated action;
  • Share insight to shape joint understanding of challenges and opportunities for cyber defense;
  • Implement coordinated defensive cyber operations to prevent and reduce impacts of cyber intrusions; and
  • Support joint exercises to improve cyber defense operations.

So CISA, the National Security Agency, the Federal Bureau of Investigations and the Department of Defense’s U.S. Cyber Command have joined up “with the power of the private sector,” she said. 

“If you can’t see it, you can’t defend it,” Easterly explained, “so the whole point is, we can use this to see the dots to connect the dots, and then drive collective action to reduce risk at scale.”

Cybersecurity

October 22, 2021
by Reece Nations
Commerce Department Tightens Export Controls on Cybersecurity Items

WASHINGTON — The Department of Commerce’s Bureau of Industry and Security announced on Wednesday it would institute new export controls... Read More

WASHINGTON — The Department of Commerce’s Bureau of Industry and Security announced on Wednesday it would institute new export controls over cybersecurity items such as cyber intrusion software that can be used maliciously. The department’s new policy also creates a new license exception for authorized cybersecurity... Read More

October 14, 2021
by Victoria Turner
Cybersecurity Experts Point to More Investment Needed in Detection, Response

WASHINGTON -- If everyone were to employ proper cyber hygiene like multi-factor authentication or not clicking on links in phishing... Read More

WASHINGTON -- If everyone were to employ proper cyber hygiene like multi-factor authentication or not clicking on links in phishing emails, more than 85% of cyberattacks would be prevented, said Sen. Angus King, I-Maine, Thursday.  “The best hack is the one that doesn’t happen,” King said... Read More

October 5, 2021
by Victoria Turner
Cybersecurity Minimum Standards Needed to Keep North America Secure

North American governments should come together to create a trilateral strategy to assess and address threats in a holistic risk-based... Read More

North American governments should come together to create a trilateral strategy to assess and address threats in a holistic risk-based approach to cybersecurity that includes a minimum set of standards, said three experts yesterday. As much as the pandemic has accelerated the rate in which governments... Read More

September 29, 2021
by Victoria Turner
Aspen Cyber Summit Explores Collective Defense in a Digital World

WASHINGTON -- The Cybersecurity Infrastructure and Security Agency has met President Biden’s cybersecurity executive order’s “highly aggressive deadlines so far,”... Read More

WASHINGTON -- The Cybersecurity Infrastructure and Security Agency has met President Biden’s cybersecurity executive order’s “highly aggressive deadlines so far,” but there is “still a lot of work to do,” said CISA Director Jen Easterly Wednesday.  Kicking off the 6th annual Aspen Cyber Summit, Exploring Collective... Read More

September 22, 2021
by Victoria Turner
Identity Authentication Key Piece of Cybersecurity Puzzle

WASHINGTON -- Identity authentication is taking a front-and-center role in the administration's approach to ensuring robust cybersecurity across the U.S.... Read More

WASHINGTON -- Identity authentication is taking a front-and-center role in the administration's approach to ensuring robust cybersecurity across the U.S. government, according to Carole House, director of cybersecurity and secure digital Innovation at the White House National Security Council.  It “sits at the heart of zero... Read More

September 1, 2021
by Tom Ramstack
Executives Advocate for Legislation to Unite Government and Private Cybersecurity

WASHINGTON -- A cybersecurity expert told a congressional panel Wednesday that private industry alone cannot be expected to effectively confront... Read More

WASHINGTON -- A cybersecurity expert told a congressional panel Wednesday that private industry alone cannot be expected to effectively confront the kinds of cyberattacks that have wreaked havoc on U.S. computer networks in recent years. He testified to a House Homeland Security subcommittee as it considers... Read More

News From The Well
scroll top