Cyberwarfare / Nation-State Attacks
Fraud Management & Cybercrime
CISA’s Brandon Wales, Rep. Jim Langevin Among the Featured Speakers
Faced with a surge in ransomware attacks and state-sponsored espionage, the U.S. government is leading the response to cybersecurity challenges while continuing to work with the private sector, says acting U.S. Cybersecurity and Infrastructure Security Agency Director Brandon Wales
See Also: Live Panel | Zero Trusts Given- Harnessing the Value of the Strategy
“We often talk about a collective defense model – a model where we all have a role to play in the cybersecurity ecosystem,” Wales says. “The federal government has a unique and special burden, given our insights into the threats that we’re facing, and our breadth of exposure across the country. But we also benefit in this country from an extremely vibrant cybersecurity community that we work with hand in hand every day. For us to be successful, we need this to be a deep relationship on both sides – built on trust – and enabling the kind of defense that we need.”
Wales will be a featured speaker at Information Security Media Group’s Virtual Cybersecurity Summit: Government on July 13 and 14.
The summit, which is free to attend, will also include insights and in-depth analysis from a roster of experts on topics ranging from cryptocurrency regulations to the security of IoT devices.
Other speakers include Rep. Jim Langevin, D-R.I; Ann Dunkin, the CIO of the U.S. Department of Energy; Elvis Chan, supervisory special agent with the San Francisco Division of the FBI; and Wanda Jones-Heath, CISO for the U.S. Air Force.
The federal government faces the challenge of how to respond to a series of ransomware attacks that have targeted U.S. businesses and the nation’s critical infrastructure.
Recent examples include attacks on Colonial Pipeline Co., meat processor JBS and software firm Kaseya.
Wales notes that the Colonial Pipeline and JBS incidents show how attacks that start out as cybercrime can, in fact, affect the entire nation.
“We have realized – and ransomware operators have realized – that critical infrastructure [facilities] are attractive targets. They are big and they’re important,” Wales says. “And that may create an incentive to pay ransomware operators. … Hopefully, the Colonial and JBS incidents are real wake-up calls for these companies so that they put in place the right level of security to guard against these types of threats – because they’re real and they’re growing.”
Wales says President Joe Biden’s executive order on cybersecurity will help put the federal government on the right path.
“We’re not going to be able to address the cybersecurity threats we’re now facing without being ambitious in tackling the hard problems,” Wales says. “These may have been too often put off until tomorrow. And now we don’t have a choice.”
Some federal lawmakers are calling for providing more tools to federal government agencies to address cybersecurity.
Langevin, who served on the Cyberspace Solarium Commission, helped pushed Congress to create the position of national cyber director within the White House. Last month, the Senate approved John “Chris” Inglis to that position (see: Senate Approves Chris Inglis as National Cyber Director).
Langevin is now co-sponsoring legislation – the Cyber Diplomacy Act – that would create a Bureau of International Cyberspace Policy within the U.S. State Department. The bill passed the House in April, and a companion measure is making its way through the Senate.
“One of the leading recommendations of the Cyberspace Solarium Commission was the recognition that cyber operations lie in the gray zone of international conflict, and we want to have a person at the State Department with a bureau underneath that person that will help us to have a strong presence on the international stage – leading U.S. interests in policy in cyberspace with our allies,” Langevin says.
The congressman says much more work needs to be done to enhance the nation’s cybersecurity.
“I would like to have seen more done a while ago, but Congress hasn’t had the urgency to move in the way that I think it needs to in terms of detecting the threat that we face,” Langevin says.
Biden’s Latest Comments
On Friday, U.S. President Joe Biden spoke to Russian President Vladimir Putin about the latest ransomware attacks that have targeted American organizations and said that the U.S. government is prepared to take “any necessary action to defend its people and its critical infrastructure in the face” of these attacks, according to the official readout posted by the White House.
Later, Biden told reporters that he was “very clear” in telling Putin that when a ransomware attack originates on Russian soil “we expect them [Russia] to act.” Asked if there would be consequences, Biden said “yes.”