Biden nominees highlight tough cyber security challenges

Senators warn government cyber security operations are in disarray

Military IT professionals in a server room

President Joe Biden's nominations for top defense, intelligence, and homeland security positions committed to reviewing and refining cyber security operations under the new government in hearings yesterday. They testified as senators slammed the government's performance in dealing with the recent SolarWinds attack that affected numerous agencies.

Senators held confirmation hearings for Alejandro Mayorkas, nominee for Secretary of Homeland Security; Avril Haines, who Biden has chosen as his Director of National Intelligence; and Lloyd Austin, who testified for his appointment as Secretary of Defense. Between them, they addressed various issues, including the SolarWinds hack, the need to bolster internal cyber security operations, and the structure of US military cyber space operations.

Mayorkas, who was Deputy Secretary of Homeland Security in the Obama administration before returning to private legal practice during the Trump years, said the US had to do "a much better job" on cyber security. 

The Department of Homeland Defense's Cybersecurity and Infrastructure Security Agency (CISA) would need to shoulder a lot of that work, Mayorkas added. He would explore two programs to see if they could stop future cyber attacks: the Einstein network security program, and the Continuous Diagnostic and Mitigation program.

Haines, former Deputy Director of the CIA under Obama, also called for strong action to shore up cybersecurity defenses in the US.

Related Resource

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

How to manage security risk and compliance - whitepaperDownload now

"Here at home, we must strengthen our cybersecurity, safeguard our critical infrastructure, and turn the ongoing technological revolution from a threat to an advantage by integrating new technologies to improve the capacity and superiority of our intelligence into the future," Haines said during prepared remarks.

Haines said she was committed to recruiting more people into the intelligence community, following work completed on a Trusted Workforce 2.0 initiative to reform security clearances.

Austin, who has served as head of US Central Command, said he would continue to support an offensive cyber security policy that the US government has already implemented. The Department of Defense formalized this policy, known as “defend forward,” in October 2018 as a way to disrupt enemy engagement in cyber space before they happen.

"Having an offensive capability that we're able to use is really important," he said, highlighting the need for fast action in cyberspace. "Speed matters, so anything we can do to facilitate the work of the operators is goodness." He also said that Russia needed to be held accountable for its role in the SolarWinds hack.

Austin and Haynes separately said they would review the relationship between the National Security Agency (NSA) and US Cyber Command, which have shared leadership since the latter’s creation. The idea of placing the two under different leadership has been a recurring theme among defense and intelligence officials for several years. The Trump administration proposed doing so during its final days.

Senators expressed dissatisfaction with the government's current cyber security capabilities during the hearings. Republican Senator Roy Blunt complained Congress hadn't received a report on the SolarWinds attack. Senate Intelligence Committee Vice Chairman Mark Warner said the government had to rely on a private-sector company to find out about it. "One part of the government doesn't seem to know what the other is doing," Warner said.

Featured Resources

How to be an MSP: Seven steps to success

Building your business from the ground up

Download now

The smart buyer’s guide to flash

Find out whether flash storage is right for your business

Download now

How MSPs build outperforming sales teams

The definitive guide to sales

Download now

The business guide to ransomware

Everything you need to know to keep your company afloat

Download now

Recommended

New report highlights the need for diversity in cyber security recruitment
cyber security

New report highlights the need for diversity in cyber security recruitment

28 Apr 2021
Cyber attacks on manufacturing up 300% in a year
Security

Cyber attacks on manufacturing up 300% in a year

11 May 2021
US fuel pipeline hackers reveal their motive
ransomware

US fuel pipeline hackers reveal their motive

11 May 2021
Trend Micro and Snyk team up to combat open source flaws
vulnerability

Trend Micro and Snyk team up to combat open source flaws

10 May 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

29 Apr 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

30 Apr 2021