Cybersecurity

Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

Homeland Security Secretary Alejandro Mayorkas on Wednesday said his agency will begin a series of 60-day sprints focused on ransomware, industrial control systems, transportation systems and election security.

"With respect to responding to ransomware attacks, we will strengthen our capabilities to disrupt those who launch them and the marketplaces that enable them," Mayorkas said at a virtual RSA Conference event.

A second sprint focused on developing the government cybersecurity workforce will begin next month. Mayorkas said that the workforce development push will include a focus on diversity, equity and inclusion and promised to publish the agency's own diversity data.

"Beyond DHS, we will champion [diversity, equity and inclusion] across the cyber workforce of the entire federal government," Mayorkas said.

A third sprint on industrial control systems will begin this summer to look at some of the risks arising from the use computer operated physical systems to deliver infrastructure including water, electricity and natural gas. Currently, different standards and regulatory authorities apply across industrial sectors.

"The cybersecurity incident at the water treatment facility in Florida last month was a powerful reminder of the substantial risks we need to address," he said.

Mayorkas also said the department is drafting a proposal to establish a cybersecurity response and recovery fund to provide assistance to state, local, tribal and territorial governments. He noted the Cybersecurity and Infrastructure Security Agency is continuing to fill state cybersecurity coordinator positions. CISA officials said at recent congressional hearings said they have filled approximately half of those posts so far.

DHS will also begin an awareness campaign focused on educating private industry about resources and services CISA has to offer as well as an expanded cybersecurity grant program to "facilitate and support the adoption of those services," Mayorkas said.

The secretary's comments come as CISA is under greater strain following its work on the 2020 election as it responds to two major cybersecurity incidents -- the hacking campaign against SolarWinds and new zero-day exploits found in Microsoft Exchange servers.

On the day of Mayorkas's speech, CISA released supplemental direction and an implementation schedule for civilian federal agencies on the diagnostics and mitigation for the Hafnium hack affecting Exchange servers.

CISA's leadership has told Congress that the agency needs an increase in funding to continue to do the work it is given, characterizing the $650 million it received from the coronavirus relief package as a "down payment." Currently, CISA is operating under acting leadership, but multiple press reports have indicated that the administration plans to nominate Rob Silvers for the director post.

Lawmakers have recently criticized the White House for not yet nominating a national cyber director. Mayorkas noted the importance of the new office but did not provide any details or updates on when a nominee will be named.

Mayorkas also said that a coming executive order on cybersecurity will contain "nearly a dozen actions," designed to "improve in the areas of detection, information sharing, modernizing federal cybersecurity, federal procurement and federal incident response."

That order is expected to include a requirement that federal contractors disclose breaches of their systems to the government.

About the Author

Justin Katz covers cybersecurity for FCW. Previously he covered the Navy and Marine Corps for Inside Defense, focusing on weapons, vehicle acquisition and congressional oversight of the Pentagon. Prior to reporting for Inside Defense, Katz covered community news in the Baltimore and Washington D.C. areas. Connect with him on Twitter at @JustinSKatz.


Featured

  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

Stay Connected