IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Biden nominees highlight tough cyber security challenges

Senators warn government cyber security operations are in disarray

President Joe Biden's nominations for top defense, intelligence, and homeland security positions committed to reviewing and refining cyber security operations under the new government in hearings yesterday. They testified as senators slammed the government's performance in dealing with the recent SolarWinds attack that affected numerous agencies.

Senators held confirmation hearings for Alejandro Mayorkas, nominee for Secretary of Homeland Security; Avril Haines, who Biden has chosen as his Director of National Intelligence; and Lloyd Austin, who testified for his appointment as Secretary of Defense. Between them, they addressed various issues, including the SolarWinds hack, the need to bolster internal cyber security operations, and the structure of US military cyber space operations.

Mayorkas, who was Deputy Secretary of Homeland Security in the Obama administration before returning to private legal practice during the Trump years, said the US had to do "a much better job" on cyber security. 

The Department of Homeland Defense's Cybersecurity and Infrastructure Security Agency (CISA) would need to shoulder a lot of that work, Mayorkas added. He would explore two programs to see if they could stop future cyber attacks: the Einstein network security program, and the Continuous Diagnostic and Mitigation program.

Haines, former Deputy Director of the CIA under Obama, also called for strong action to shore up cybersecurity defenses in the US.

Related Resource

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

How to manage security risk and compliance - whitepaperDownload now

"Here at home, we must strengthen our cybersecurity, safeguard our critical infrastructure, and turn the ongoing technological revolution from a threat to an advantage by integrating new technologies to improve the capacity and superiority of our intelligence into the future," Haines said during prepared remarks.

Haines said she was committed to recruiting more people into the intelligence community, following work completed on a Trusted Workforce 2.0 initiative to reform security clearances.

Austin, who has served as head of US Central Command, said he would continue to support an offensive cyber security policy that the US government has already implemented. The Department of Defense formalized this policy, known as “defend forward,” in October 2018 as a way to disrupt enemy engagement in cyber space before they happen.

"Having an offensive capability that we're able to use is really important," he said, highlighting the need for fast action in cyberspace. "Speed matters, so anything we can do to facilitate the work of the operators is goodness." He also said that Russia needed to be held accountable for its role in the SolarWinds hack.

Austin and Haynes separately said they would review the relationship between the National Security Agency (NSA) and US Cyber Command, which have shared leadership since the latter’s creation. The idea of placing the two under different leadership has been a recurring theme among defense and intelligence officials for several years. The Trump administration proposed doing so during its final days.

Senators expressed dissatisfaction with the government's current cyber security capabilities during the hearings. Republican Senator Roy Blunt complained Congress hadn't received a report on the SolarWinds attack. Senate Intelligence Committee Vice Chairman Mark Warner said the government had to rely on a private-sector company to find out about it. "One part of the government doesn't seem to know what the other is doing," Warner said.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

Mastering endpoint security implementation
Security

Mastering endpoint security implementation

18 May 2022
The Total Economic Impact™ of Apple Mac in Enterprise: M1 update
Whitepaper

The Total Economic Impact™ of Apple Mac in Enterprise: M1 update

12 May 2022
Costa Rica declares state of emergency following Conti ransomware attack
ransomware

Costa Rica declares state of emergency following Conti ransomware attack

10 May 2022
LinkedIn to pay $1.8 million to employees after settling gender discrimination charges
Careers & training

LinkedIn to pay $1.8 million to employees after settling gender discrimination charges

4 May 2022

Most Popular

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack
hacking

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

16 May 2022
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

13 May 2022
Google Russia files for bankruptcy, ends operations in the country
Business operations

Google Russia files for bankruptcy, ends operations in the country

19 May 2022