Cybersecurity 202- The Department of Homeland Security plans to apply the lessons it learned from the 2018 midterm elections on cybersecurity to other critical infrastructure, and will be helped by the imminent elevation of its responsibility for civilian cybersecurity throughout the government.
“That serves as a model for how we’re going to partner to protect the grid, to protect the banks,” DHS cybersecurity chief Chris Krebs told private industry leaders on Thursday. “We’ve made a significant amount of progress, and going forward we have to look to how we can replicate those sorts of engagements.”
Krebs’s comments come as he is expected to take over as director of the Cybersecurity and Infrastructure Security Agency [CISA]. Congress passed a bill earlier this week that will create the new unit within DHS — which will cement the agency’s leadership on civilian cybersecurity and rank on the same level within the department as the Federal Emergency Management Agency or Secret Service. President Trump is expected to sign the bill into law as early as Friday.
The new agency will elevate the cybersecurity mission within DHS, Krebs said, and it will be responsible for coordinating with other government entities and the private sector on cybersecurity and critical infrastructure programs. The legislation is intended to make it easier for the private sector to work with government on cybersecurity threats. DHS’s cybersecurity work is currently housed under the National Protection and Programs Directorate. Krebs told the Cybersecurity 202 earlier this year that the unit needed to be rebranded to reflect what it actually does.
“It was one of my top priorities since I came to DHS,” Krebs told me in an interview yesterday.
Krebs’s remarks came at a meeting with members of the Charter of Trust, an initiative including global companies such as Siemens and IBM. DHS also hosted the first supply-chain security task force uniting government entities with technology and communications companies.
CISA is the result of a long-fought battle to consolidate DHS’s authority on cybersecurity matters. An effort to create such an agency has been underway since the Obama administration, but it was hampered by lawmakers who felt the 14-year-old agency was not as equipped to deal with cyber threats as the National Security Agency or FBI. Earlier this week, the bill moved through the House with unanimous support — signaling lawmakers’ view on DHS’s role in handling civilian cybersecurity is evolving.
Edna Conway, Cisco’s chief security officer for its global value chain, said thinks CISA will help companies and federal agencies with collaborate better on cybersecurity.