The president-elect's nominee to lead the Department of Homeland Security said he will review the government's two major cybersecurity programs in the wake of the SolarWinds hack.
Alejandro Mayorkas, the Biden administration's candidate to lead the Department of Homeland Securit, shown at an agency event in 2016. (Photo credit: Petty Officer 3rd Class Lora Ratliff / U.S. Coast Guard)
Alejandro Mayorkas, at his Senate confirmation hearing to lead the Department of Homeland Security, said he will review the federal government's two major cybersecurity programs in the wake of the SolarWinds breach.
Mayorkas said he would conduct "a thorough review of Einstein and Continuous Diagnostics and Mitigation [programs] to understand whether Einstein and CDM … are appropriately designed and appropriately and effectively executed" to stop a threat such as SolarWinds.
"And if not, what other defenses need we develop in the federal government to best protect our very valuable equities and resources?" he added in response to a question from Sen. Maggie Hassan (D-N.H.) during his confirmation hearing before the Homeland Security and Governmental Affairs Committee.
Together, CDM and Einstein account for more than $1 billion in annual spending. Einstein, officially known as the National Cybersecurity Protection System, is an integrated system designed to protect civilian federal networks from cybersecurity threats. CDM is a program to deliver required cybersecurity capabilities directly to civilian agencies.
As DHS secretary, Mayorkas would oversee the Cybersecurity and Infrastructure Security Agency, which is tasked with helping federal agencies recover from the ongoing breach by suspected Russian intelligence operatives. CISA has made clear in its advisories that the hackers behind the campaign have likely gained access to federal networks through both SolarWinds Orion and other means.
Sen. Rob Portman (R-Ohio), who is now the top Republican on the committee, said what is being discovered about the hack is not surprising because "the federal government is not well prepared to deal with these kinds of breaches."
"Congress has given them [CISA] a lot of responsibility. I don't think we've given them an adequate mission that's focused enough or adequate resources to carry out that mission," Portman added, asking Mayorkas to comment on changes that should be made to CISA.
Mayorkas said CISA must "improve the cyber hygiene of the federal government…[and] it must strengthen the public-private partnership." He also praised changes made to CISA through the Fiscal Year 2021 National Defense Authorization Act such as adding a Senate-confirmed White House cybersecurity czar.
"I think it's going to require an all of government approach and there's a great amount that will rest on the shoulders of CISA," Mayorkas said.
Sen. Mitt Romney (R-Utah) said the country is "woefully unprepared from a cybersecurity standpoint in this nation and in our government."
Mayorkas responded that DHS Secretary Jeh Johnson prioritized a "very evolving cybersecurity threat. …The threat has only evolved and only grown since then, and I can assure you that the cybersecurity of our nation will be one of my highest priorities."
Sen. Kyrsten Sinema (D-Ariz.) asked Mayorkas to commit to improving cybersecurity education in response to a noticeable uptick in ransomware attacks being made against the medical sector.
While a handful of senators raised questions about cybersecurity, the majority of the hearing was focused on immigration issues and Mayorkas's history at DHS.
Portman opened the hearing by asking about a on 2015 inspector general report that asserted that Mayorkas inappropriately intervened in the EB-5 investor visa program, which offered permanent resident status to individuals who invested significantly into businesses that created U.S. jobs. He honed in on several cases that were made at the request of high-profile Democrats such as former Virginia Governor Terry McAuliffe.
Mayorkas defended his actions as appropriate and part of his job, taking issue with some lawmakers' characterization that he "intervened." He said he became involved in numerous cases at USCIS at the behest of both Democratic and Republican lawmakers.
Republicans also repeatedly questioned Mayorkas about Biden's plans for the wall at the U.S.-Mexico border as well as how he would deal with an influx of immigrants attempting to enter the country legally or illegally.
Mayorkas largely dodged answering those questions directly, only committing to follow the law and re-iterating Biden's public positions.
Mayorkas formerly worked as a United States attorney in California. In 2009, he was appointed by President Barack Obama to lead U.S. Citizenship and Immigration Services. He served as deputy DHS secretary from December 2014 through October 2016.
NEXT STORY: Rob Joyce to lead NSA cyber office