CISA chief says cyber order is doable but will 'stretch the system'
- By Justin Katz
- May 13, 2021
Acting CISA Director Brandon Wales testified before a Senate committee on May 11.
Brandon Wales, the acting chief of the Cybersecurity and Infrastructure Security Agency, conceded on Thursday the dozens of deadlines in the administration's new executive order will "stretch the system" as his agency and others work to enact President Joe Biden's wide-ranging plan to revamp the federal government's cybersecurity.
"I think the community is right to say this is ambitious, this is big, but I think that just reflects what's needed to confront the cybersecurity threats and risks that we face right now," Wales told reporters during an event hosted by the George Washington University's School of Media and Public Affairs.
The executive order, which was published Wednesday night, contains deadlines for CISA, the Department of Homeland Security, the Office of Management and Budget and other agencies to begin reworking the government's cybersecurity with some timelines as short as 30 days from the order's signing.
"Tools like multi-factor authentication, encryption, endpoint detection response, logging, and operating in a zero-trust environment will be rolled out across government networks on a tight timeline," according to a senior administration official.
As the government's premiere cybersecurity agency, CISA will take the lead in implementing many of the initiatives included in the EO. Wales said he was acutely aware of the various deadlines, citing the first one CISA will have to meet in just a few weeks. But he contended they are achievable and that in many cases the work had begun long before the EO was finalized. Having written direction from the White House, he said, gives CISA the power and mandate to finish the job.
"There already has been a significant move towards multifactor authentication across the dot gov, already more than 95% of all network traffic in the dot gov is already encrypted," according to Wales. "That being said, you're right, some of the things in here are going to stretch the system, [they] are going to require us to push hard."
The cybersecurity-focused executive order came as the White House continues to manage the ransomware attack by Darkside on Colonial Pipeline. Energy Secretary Jennifer Granholm, whose department is leading the response, announced last night the company has begun restoring operations.
Wales said on Thursday that CISA expects to issue more detailed guidance to industry later today about indicators of compromise it discovered this week while working with the FBI to investigate the attack.
Bloomberg and the New York Times have reported that Colonial Pipeline paid a ransom to the hackers to resume operations. Wales declined to comment when asked if Colonial has made any payments.
President Joe Biden speaking at the White House today also didn't comment on reports of the paying of the ransom. Biden said the FBI does not believe the Russian government or President Vladimir Putin was directly involved in coordinating the attack, but that the criminals responsible likely live in Russia.
He also called on the Senate to quickly confirm Chris Inglis and Jen Easterly as national cyber director and the head of CISA, respectively, nominations the White House announced on April 12.
Justin Katz covers cybersecurity for FCW. Previously he covered the Navy and Marine Corps for Inside Defense, focusing on weapons, vehicle acquisition and congressional oversight of the Pentagon. Prior to reporting for Inside Defense, Katz covered community news in the Baltimore and Washington D.C. areas. Connect with him on Twitter at @JustinSKatz.