Homeland Security Secretary Alejandro Mayorkas on Thursday put forth a general vision for how his department will lead federal civilian government cyber security efforts, which will include a series of upcoming "sprints" focused on key challenges such as ransomware, threats to industrial control systems and building the cyber security workforce.
Mayorkas highlighted disruptive and costly ransomware attacks on cities, schools, companies, hospitals and healthcare facilities, saying that combating threats from the malware that takes data and computer systems hostage will require partnering across all levels of government and the private sector. He also said that the Department of Homeland Security will leverage existing resources and capabilities, including "follow the money" and the U.S. Secret Service's Cyber Fraud Task Forces to respond to incidents and track down and arrest bad actors.
"This approach illustrates my vision, our collective vision, to further empower DHS to effectively execute its mission to lead federal efforts to mitigate cyber security risks to the United States," Mayorkas said as part of the second annual President's Cup Cybersecurity Competition. "Secondly, to serve as the government's interlocutor with the private sector on cyber security, and third, to expand its investment in the infrastructure and people required to defend against malicious cyber-attacks as part of a whole of government effort."
Mayorkas soon plans to announce the first in a series of rapid actions, what he calls "cybersecurity sprints," to make further headway in targeting various challenges facing the government and the country at large.
"To start, we will be developing an initial set of sprints dedicated to combatting ransomware, building a deep and diverse cyber workforce and urgently improving the security of our nation's industrial control systems," he said during the event, which was hosted by the DHS Cybersecurity and Infrastructure Security Agency (CISA).
CISA is the lead agency for DHS in federal cyber security efforts, Mayorkas said, pointing to the agency's role in working with various public and private stakeholders to secure the 2020 U.S. elections, sharing of cyber security services with other agencies, and responding to cyber intrusions.
"Looking ahead, it will be critical to ensure that CISA has the resources and capacity to effectively implement its existing and new authorities," he said.
These new authorities include the use of cyber threat hunting teams to scour federal networks for security gaps and vulnerabilities and alert critical infrastructure entities of specific vulnerabilities in their networks.
Expanding CISA's authorities and capabilities is a key priority for many in Congress who believe the agency, in part due to its cross-sector relationships across the nation's critical infrastructures and throughout all levels of government, is best positioned to be the go-to agency for the civilian public sector and private sector entities.
Rep. John Katko (R-N.Y.), the ranking member on the House Homeland Security Committee, wrote President Joe Biden on Tuesday urging him "to fully leverage" CISA, "which was rightfully established in 2018 to be the lead federal civilian cybersecurity agency. I remain concerned that federal roles and responsibilities for .gov security are too dispersed and unable to nimbly respond to sophisticated threats. For too long CISA has not been provided the resources and centralized visibility it needs to carry out its mission."
The Biden administration is putting a high priority on cyber security, in part due to the disclosure in December of a cyber espionage campaign that is being carried out by Russian operatives who successfully breached and infiltrated networks of at least nine federal agencies and about 100 companies.
The Russian hack was conducted, at least in part, by compromising upgrades to a network management software platform supplied by the information technology company SolarWinds [SWI] to thousands of customers. The House Homeland Security, and Oversight and Reform Committee on Friday will host a joint hearing examining the role of private technology in the ongoing hack.
On Monday, Mayorkas outlined some of the initial steps DHS is undertaking to meet Biden's commitment to cyber security. This includes raising the threshold requirement for spending on cyber security by recipients of Federal Emergency Management Agency grants from 5 to 7.5 percent, which will increase spending here by $25 million, he said on Thursday.
CISA is also exploring new grant programs to help state and local governments with their cyber security needs, he said.
The new cyber security sprint effort is a throwback to the first one, which was implemented in June 2015 by the Obama administration in response to a breach of personnel records held by the federal Office of Personnel Management. That 30-day review of federal government cyber security policies, procedures and practices was carried out by a team from the White House Office of Personnel Management and the National Security Council, along with DHS and the Defense Department.
Building up the government's cyber security workforce has been a frequently discussed challenge dating back to at least the Obama administration and Mayorkas didn't offer details about how the cyber security sprint will focus on this need. He did offer that the cyber security workforce needs to draw from the diversity across the U.S.
"With diversity comes more diverse perspectives that help inform better policy and decision-making," he said. "It also allows us to maximize the full potential that the people of this nation have to offer and to fill the half million cyber vacancies across America."