The Cybersecurity and Infrastructure Security Agency should prioritize providing actionable risk mitigations for critical infrastructure to become more “operational,” according to former DHS cyber official Matt Hayden, in an effort to fulfill directives from the Trump administration to refocus the agency’s mission.
“In practice, that means not just telling someone that a router is bad, partnering with them on a data sharing and threat hunting agreement to get that data, but then saying ‘here’s where your risk elevates, and these are the next five actions that you should take from our guidance point to lower that risk,’” Hayden told Inside Cybersecurity on the sidelines of a Sept. 4 conference.
The conference was hosted by General Dynamics Information Technology. Hayden was assistant secretary for cyber, infrastructure, risk and resilience policy at the Department of Homeland Security under the first Trump administration and is currently GDIT’s vice president of cyber and emerging threats.
Hayden emphasized that incoming leadership at CISA is looking to move the agency to “become operational.” This comes after the Trump administration directed CISA to refocus its mission. Sean Plankey’s nomination for CISA director is pending in the Senate.
Hayden said CISA should “work in that mission space, to support the rest of intergovernmental agencies to make cyber operations more targeted for critical infrastructure, as well as for large agencies that are in that space.”
“Operational means adding value to the people you’re supporting at an executable layer,” Hayden said. He added that CISA should prioritize “getting ideas of where that infrastructure is being hosted within the United States, as well as abroad.”
Hayden participated in a panel at the conference with Chris Butera, CISA’s acting deputy executive assistant director for cyber, and Commerce Department CISO Ryan Higgins.
CISA 2015 reauthorization
Butera discussed the importance of the Cybersecurity Information Sharing Act of 2015, which is set to expire on Sept. 30.
Butera said reauthorizing the info-sharing law is one of the “most important pieces of legislation” for CISA.
The House Homeland Security Committee unanimously approved a bill to reauthorize CISA 2015 for 10 years at a Sept. 3 markup.
The bill was introduced by House Homeland Security Chairman Andrew Garbarino (R-NY). It contains several changes to the law that have raised concerns from some stakeholders over the ability to get CISA 2015 reauthorized by Sept. 30.
Senate Homeland Security ranking member Gary Peters (D-MI) and Sen. Mike Rounds (R-SD) introduced a bill in April for a “clean” authorization of CISA 2015 for 10 years.
Butera said CISA has seen a “huge increase in info-sharing from especially our industry partners since that legislation was passed.”
“We are very thankful for Congress that has given us this authorization, I am very hopeful that it is reauthorized, starting with the markup yesterday,” he said.
Hayden told Inside Cybersecurity that industry is looking for a “clean reauthorization” of CISA 2015 in order to prevent the law from lapsing, while acknowledging “needed edits” should be made down the road.
If CISA 2015 were to lapse, Hayden said, “a large segment of the private sector is blind to what the government sees, and vice versa.”
Hayden added, “That’s bad, but the government itself can still share across the federal government. They really just have to be empowered to execute on their defense posture and to invest in things that improve that defense posture dynamically over time.” -- Jaden Beard (jbeard@iwpnews.com)
