CISA Needs to be ‘Quarterback’ of U.S. Cybersecurity, Rep. Katko Says

January 28, 2021 by Victoria Turner
CISA Needs to be ‘Quarterback’ of U.S. Cybersecurity, Rep. Katko Says
Rep. John Katko. (Screen Shot)

Recent cyberattacks on U.S. federal systems point to the need to make the Cybersecurity and Infrastructure Agency the “centralizing authority system” for the nation, said Rep. John Katko, R-N.Y., during a fireside chat at the State of Net Conference.

That said, Katko went on to say he doesn’t believe CISA should take authority away from other agencies, rather that it should serve as an advising “quarterback” in the “.gov realm.”

The New York Republican went on to describe his “five pillars” of cybersecurity this way:

  • Centralizing authority under the CISA to move away from the government’s current fragmented approach to addressing the issue;
  • Gaining a deeper understanding of third-party cyber risks and the extent of their impact;
  • Crafting a better process for the certification of vendors once this third-party risk is identified;
  • Implementing stronger software assurance practices to ensure that systems are not vulnerable while updating; and
  • Getting tougher. Katko suggests the U.S. “whack the hell out” of the bad actors that commit these attacks through actions like indictments or sanctions.

“There needs to be very serious consequences from an economic standpoint,” he said, adding that even the potential for offensive cyber capabilities could be utilized in certain situations “if the powers that be deemed them necessary.”

Pointing out the “gigantic disparity” between how much capital bad actors – such as China and Russia – invest in their offensive cyber capabilities versus the “mere fraction” by comparison the U.S. spends on its defensive capabilities, Katko said the government must do more by “beefing it up and making sure we have a cyber director” to act as the authoritative figurehead for cybersecurity.

“Until we start leveling the playing field, we are going to have a hard time trying to keep our systems safe going forward,” Katko said.

“We definitely made progress with CISA in the last administration, but it is still not anywhere near where it needs to be,” he said, noting the need for more funding for CISA to receive the necessary tools and resources.

“Gone are the days where [cybersecurity’s mission] was to just get a patch to fix a cyber vulnerability … it is not about just fixing your patches anymore. It is interwoven with every fabric of our business and every fabric of our society from medicine to our homes … everything is tied to the internet,” he added.

Katko authored eight measures in the recently enacted National Defense Authorization Act for Fiscal Year 2021 addressing six key issues from cybersecurity to two measures to better tackle mental health care, noting in a statement that the security breach of Texas-based software developer SolarWinds by Russian hackers “underscores our nation’s cyber vulnerabilities.”

The six provisions tackling these vulnerabilities incorporate recommendations from the Cybersecurity Solarium Commission.

These include reinvigorating the Cybersecurity and Infrastructure Agency by:

·       Requiring the Department of Homeland Security to conduct a review the CISA’s fulfillment of missions and best practices recommendations through the Strengthening CISA Act of 2020;

·      Stabilizing the CISA director and assistant director positions to boost guidance and long-term strategies; establishing a committee composed of industry representatives to advise the agency and the DHS; 

·      Conducting of joint cyber planning for public-private cooperation and planning; and 

·      Requiring a strategic implementation plan of a national Domain-based Authentication, Reporting and Conformance standard for US-based email providers by the head of the DHS. 

The last two measures seek to expand mental health care for service members and rural communities through the Military Mental Health Stigma Reduction Act and the Seeding Rural Resilience Act, particularly in light of the novel coronavirus pandemic.

Katko further explained that the pandemic has “metastasized” the cybersecurity problem due to nationwide remote work, particularly that of government employees, and other virtual programs dealing with highly sensitive personal data such as telehealth and telemedicine initiatives.

“All those things are here to stay,” he said, adding that understanding that the “SolarWinds debacle” is “symptomatic of a much larger problem.”

The full text of the 2021 NDAA can be found here.

A+
a-
  • CISA
  • cybersecurity
  • Internet
  • John Katko
  • State of Net Conference
  • Technology
  • In The News

    Health

    Voting

    Cybersecurity

    Americans Reporting Nationwide Cellular Outages From AT&T, Cricket Wireless and Others

    A number of Americans are dealing with cellular outages on AT&T, Cricket Wireless, Verizon, T-Mobile and other service providers, according... Read More

    A number of Americans are dealing with cellular outages on AT&T, Cricket Wireless, Verizon, T-Mobile and other service providers, according to data from Downdetector. AT&T had more than 73,000 outages around 9:30 a.m. ET, in locations including Houston, Atlanta and Chicago. The outages began at approximately... Read More

    States and Congress Wrestle With Cybersecurity at Water Utilities Amid Renewed Federal Warnings

    HARRISBURG, Pa. (AP) — The tiny Aliquippa water authority in western Pennsylvania was perhaps the least-suspecting victim of an international... Read More

    HARRISBURG, Pa. (AP) — The tiny Aliquippa water authority in western Pennsylvania was perhaps the least-suspecting victim of an international cyberattack. It had never had outside help in protecting its systems from a cyberattack, either at its existing plant that dates to the 1930s or the... Read More

    December 6, 2023
    by Dan McCue
    HHS Unveils Next Steps to Enhance Cybersecurity of Health Care Records

    WASHINGTON — The bad guys in cyberspace want your health care records.  Between 2018 and 2022, there was a 93%... Read More

    WASHINGTON — The bad guys in cyberspace want your health care records.  Between 2018 and 2022, there was a 93% increase in large breaches in the health care sector, with a 278% increase in large breaches involving ransomware, according to the Department of Health and Human... Read More

    Insider Q&A: Pentagon AI Chief on Network-Centric Warfare, Generative AI Challenges

    The Pentagon's chief digital and artificial intelligence offer, Craig Martell, is alarmed by the potential for generative artificial intelligence systems... Read More

    The Pentagon's chief digital and artificial intelligence offer, Craig Martell, is alarmed by the potential for generative artificial intelligence systems like ChatGPT to deceive and sow disinformation. His talk on the technology at the DefCon hacker convention in August was a huge hit. But he's anything... Read More

    October 31, 2023
    by Tom Ramstack
    US Workforce Unprepared for AI, Technology Experts Tell Senate

    WASHINGTON — President Joe Biden’s executive order Monday setting regulatory standards for artificial intelligence prompted witnesses at a Senate hearing... Read More

    WASHINGTON — President Joe Biden’s executive order Monday setting regulatory standards for artificial intelligence prompted witnesses at a Senate hearing Tuesday to say it is only a first step in a process likely to transform American workplaces. “Artificial intelligence will not only disrupt lives, it will... Read More

    July 18, 2023
    by Tom Ramstack
    Congress Told AI Holds Great Risks and Benefits for US Military

    WASHINGTON — Artificial intelligence experts warned Tuesday during a congressional hearing of ominous dangers for the United States if it... Read More

    WASHINGTON — Artificial intelligence experts warned Tuesday during a congressional hearing of ominous dangers for the United States if it falls behind in developing the technology but a bright future by taking the lead. One of the greatest risks would be defending against a foreign enemy... Read More

    News From The Well
    scroll top