Biden nominees highlight tough cyber security challenges

Senators warn government cyber security operations are in disarray

President Joe Biden's nominations for top defense, intelligence, and homeland security positions committed to reviewing and refining cyber security operations under the new government in hearings yesterday. They testified as senators slammed the government's performance in dealing with the recent SolarWinds attack that affected numerous agencies.

Senators held confirmation hearings for Alejandro Mayorkas, nominee for Secretary of Homeland Security; Avril Haines, who Biden has chosen as his Director of National Intelligence; and Lloyd Austin, who testified for his appointment as Secretary of Defense. Between them, they addressed various issues, including the SolarWinds hack, the need to bolster internal cyber security operations, and the structure of US military cyber space operations.

Mayorkas, who was Deputy Secretary of Homeland Security in the Obama administration before returning to private legal practice during the Trump years, said the US had to do "a much better job" on cyber security. 

The Department of Homeland Defense's Cybersecurity and Infrastructure Security Agency (CISA) would need to shoulder a lot of that work, Mayorkas added. He would explore two programs to see if they could stop future cyber attacks: the Einstein network security program, and the Continuous Diagnostic and Mitigation program.

Haines, former Deputy Director of the CIA under Obama, also called for strong action to shore up cybersecurity defenses in the US.

Related Resource

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

How to manage security risk and compliance - whitepaperDownload now

"Here at home, we must strengthen our cybersecurity, safeguard our critical infrastructure, and turn the ongoing technological revolution from a threat to an advantage by integrating new technologies to improve the capacity and superiority of our intelligence into the future," Haines said during prepared remarks.

Haines said she was committed to recruiting more people into the intelligence community, following work completed on a Trusted Workforce 2.0 initiative to reform security clearances.

Austin, who has served as head of US Central Command, said he would continue to support an offensive cyber security policy that the US government has already implemented. The Department of Defense formalized this policy, known as “defend forward,” in October 2018 as a way to disrupt enemy engagement in cyber space before they happen.

"Having an offensive capability that we're able to use is really important," he said, highlighting the need for fast action in cyberspace. "Speed matters, so anything we can do to facilitate the work of the operators is goodness." He also said that Russia needed to be held accountable for its role in the SolarWinds hack.

Austin and Haynes separately said they would review the relationship between the National Security Agency (NSA) and US Cyber Command, which have shared leadership since the latter’s creation. The idea of placing the two under different leadership has been a recurring theme among defense and intelligence officials for several years. The Trump administration proposed doing so during its final days.

Senators expressed dissatisfaction with the government's current cyber security capabilities during the hearings. Republican Senator Roy Blunt complained Congress hadn't received a report on the SolarWinds attack. Senate Intelligence Committee Vice Chairman Mark Warner said the government had to rely on a private-sector company to find out about it. "One part of the government doesn't seem to know what the other is doing," Warner said.

Featured Resources

Next-generation time series: Forecasting for the real world, not the ideal world

Solve time series problems with AI

Free download

The future of productivity

Driving your business forward with Microsoft Office 365

Free download

How to plan for endpoint security against ever-evolving cyber threats

Safeguard your devices, data, and reputation

Free download

A quantitative comparison of UPS monitoring and servicing approaches across edge environments

Effective UPS fleet management

Free download

Recommended

BillQuick billing software exploit lets hackers deploy ransomware
Security

BillQuick billing software exploit lets hackers deploy ransomware

26 Oct 2021
US State Department to establish cyber bureau
cyber security

US State Department to establish cyber bureau

26 Oct 2021
Ransomware hit industrial sector the hardest in the third quarter
ransomware

Ransomware hit industrial sector the hardest in the third quarter

25 Oct 2021
Tesco services knocked offline after suspected cyber attack
hacking

Tesco services knocked offline after suspected cyber attack

25 Oct 2021

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021
Royal Mint to recover gold from smartphones and laptops in world first
Technology

Royal Mint to recover gold from smartphones and laptops in world first

21 Oct 2021