CISA can use additional resources across a range of mission areas, but needs to focus first on cleaning up federal networks amid the SolarWinds and Microsoft Exchange hacks as it absorbs $650 million in new funding allocated to the cyber agency under the American Rescue Plan Act, according to McAfee’s Kent Landfield.
“They need to focus on cleaning up the federal networks right now, they don’t have a choice,” Landfield said. “Otherwise it’s going to linger forever leaving doors open for adversaries. Identifying where the issues are with Microsoft Exchange is relatively simple, but the forensics of SolarWinds are much more difficult.”
Landfield is chief standards and technology policy strategist at McAfee and a longtime veteran of policy work in areas including NIST standards and initiatives at the Department of Homeland Security and its Cybersecurity and Infrastructure Security Agency. He discussed next steps at CISA and other pressing cyber issues in an interview Wednesday with Inside Cybersecurity.

“It never ceases to amaze me that 43 words in a bill can allocate so much money, but $650 million isn’t enough,” Landfield commented. “CISA has a heck of a mission and they’re getting pressed on multiple fronts by multiple adversaries.”
He said, “SolarWinds and Microsoft Exchange are a handful for the federal government, plus there are new responsibilities, all of which put pressure on CISA.”
In addition to urgent challenges on federal network security, CISA recently announced plans to start working with the General Services Administration in April to take over management of the .gov top-level domain as part of a planned transition, which Landfield said will also increase the resource demands on the cyber agency.
“I think CISA has a good handle on the priorities, internally I think they have a plan for what they will do with the [new] money,” Landfield said. “First, look at the pain points, what do I need to do to protect the primary mission. So, for CISA, first focus on cleanup, then on integrating the .gov responsibilities.”
And, he said, the security challenges related to the massive – and in large part permanent – shift to remote work still require high-level attention and development of a comprehensive strategy. “There are new attack vectors because of COVID,” he said.
“We need to address and support work from home,” Landfield said. “With consumer connections, you don’t report the same way as you do with [Internet Service Provider] connections.”
He commented, “One thing we’re missing as a nation is how much COVID has transformed us. There is going to be much more work from home and little to no consideration put in place around the security aspect. We need to make sure we aren’t opening another door for IP theft and more.”
Landfield said, “People are no longer protected by the organizational shield. When there’s an opportunity like this, the adversaries will be looking for the holes.”
Speaking broadly on cyber policy needs, Landfield praised the Biden White House for putting in place cyber pros Anne Neuberger and Jeff Greene at the National Security Council. He said creating a new National Cyber Director as mandated by the fiscal 2021 National Defense Authorization Act will also be a significant positive development for cyber policy, though the White House will still need to clarify roles and responsibilities.
“There is a serious realization in this administration that cybersecurity is national security, and it needs to be addressed,” he said. The National Cyber Director office, “with 40-plus dedicated staffers who work, eat and sleep cyber can’t do anything but improve cybersecurity.” – Charlie Mitchell (cmitchell@iwpnews.com)