Cyber security remains a priority under new Acting Homeland Security Secretary Chad Wolf, the director of the Cybersecurity and Infrastructure Security Agency (CISA) said on Thursday.
Christopher Krebs, presenting at a National Security Telecommunications Advisory Committee (NSTAC) meeting in Washington, D.C., said he met with Wolf Thursday morning, telling the panel later that it's "good to know that cyber security will remain a priority for the department with a particular focus back on election security as well."
Krebs noted that Friday will be the one-year anniversary of CISA, which previously was called the National Protection and Programs Directorate. With the change to CISA, the agency became an operational component of the Department of Homeland Security.
David Pekoske, who had been the acting Deputy Secretary of Homeland Security until Wolf filled the acting secretary position on Wednesday, told the NSTAC that CISA is being stood up "on par" with other DHS operating components, which include among others the Coast Guard, Customs and Border Protection, and the Secret Service.
Wolf on Wednesday evening named Ken Cuccinelli as the new acting Deputy of DHS. Cuccinelli is also the acting Director of U.S. Citizenship and Immigration Services, which is also an operating component of DHS.
Pekoske, who is the Administrator of the Transportation Security Administration, said that DHS is making sure that CISA "has the structure and resources" to be an equal in the department. He said when the Trump administration releases its fiscal year 2021 budget request early next year, there will "be an additional significant investment CISA" to "encourage the good success it has had."
Later during the NSTAC meeting, Krebs highlighted the need for new cyber security tools as the federal government continues its shift toward a cloud first computing environment. Cyber security monitoring tools that DHS currently uses such as EINSTEIN and email filtering that are device-based don't "necessarily work" in the cloud environment.
He said there will have to be a "more innovative approach" to cyber security monitoring for the cloud that includes an examination of "the software-based capabilities that we can develop with our cloud service providers. Lots of work here ahead of but really exciting possibilities."