34 F
Washington D.C.
Wednesday, February 1, 2023

Cyberspace Solarium Commission Report Draws Praise, Implementation Vows from Krebs

Cybersecurity and Infrastructure Security Agency Director Chris Krebs said there are “some innovative, bold recommendations” in the new Cyberspace Solarium Commission report, “but more importantly, there are recommendations within the report that are practical and imminently implementable.”

“And that’s the most important aspect of the report in and of itself – that whatever’s in it, we can actually do it,” he said.

The Commission advocates a layered cyber deterrence strategic approach to cybersecurity, achieved by shaping cyber behavior, denying benefits to adversaries, and imposing serious costs on cyber threat actors who target the United States.

Krebs told the House Homeland Security Subcommittee on Cybersecurity, Infrastructure Protection and Innovation on Wednesday that CISA is working through a “triage list” and identified “the sorts of resources that we will need – the things we can do now, the things we’ll have to do down the road,” given that some of the additional requirements on critical infrastructure will require either congressional or regulatory action.

“The defense-offense divide, that was one of the important policy signals that comes out of the report to me. At least that this is not just about investing in the Department of Defense and General Nakasone’s teams, it is also about ensuring that CISA and the rest of the civilian cybersecurity space and the private sector have the direction, guidance, and resources they need to be able to implement,” he said. “Some of the key takeaways … first is that it squarely put CISA at the central coordination point for civilian cybersecurity defense.”

“And that brings all the federal partners together, but that also, importantly, brings the federal or the private sector as well as state and local partners together. There are going to be some significant applications here.”

Krebs questioned whether CISA has the facilities to “truly set up a collaboration space,” and noted they are operating in nine facilities in the national capital region and “need a refresh.”

“We just need to make sure that we have the access for private-sector partners to the facility, that we can accommodate regular access from private-sector partners and make it an experience that they want to actually participate in. It’s a kind of an ‘if you build it, they will come’ sort of approach. So that aspect we’re focused on,” he said.

“There’s another piece of it – continuity to the economy – that we’re working through right now,” Krebs added. “And that is kind of, in some part, a manifestation of our national critical functions work that we launched last year, and we’re also seeing that play out right now across the COVID response. So we’ve developed a framework for analyzing broader supply chain impacts of COVID across four different elements.”

The first question, the director said, is whether there is a “commodity disruption that would disrupt a business or a function.”

“The second is, is there workforce disruption that you may not be able to continue delivering that service or function? And then, there are two kinds of demand side issues. One… you have too much demand and, therefore, you have a cratering within the function,” Krebs continued.

“And on the flip side of that, you may see in transportation is there’s a lack of demand, and so the function then degrades. So, those are the sorts of things that we want to push into that continuity of the economy. We have the rubric, but to fully implement that recommendation is going to require significant analytic investments within the agency.”

“And then, lastly, workforce, workforce, workforce, workforce… to be successful in this space, to be truly a customer-centric organization, I have to have personnel out in the field – not just engineers here in D.C., but customer service professionals out where our partners are. And that’s going to require significant investment in personnel.”

Cyberspace Solarium Commission Recommends Layered Cyber Deterrence in New Report

Bridget Johnson
Bridget Johnson is the Managing Editor for Homeland Security Today. A veteran journalist whose news articles and analyses have run in dozens of news outlets across the globe, Bridget first came to Washington to be online editor and a foreign policy writer at The Hill. Previously she was an editorial board member at the Rocky Mountain News and syndicated nation/world news columnist at the Los Angeles Daily News. Bridget is a terrorism analyst and security consultant with a specialty in online open-source extremist propaganda, incitement, recruitment, and training. She hosts and presents in Homeland Security Today law enforcement training webinars studying a range of counterterrorism topics including conspiracy theory extremism, complex coordinated attacks, critical infrastructure attacks, arson terrorism, drone and venue threats, antisemitism and white supremacists, anti-government extremism, and WMD threats. She is a Senior Risk Analyst for Gate 15 and a private investigator. Bridget is an NPR on-air contributor and has contributed to USA Today, The Wall Street Journal, New York Observer, National Review Online, Politico, New York Daily News, The Jerusalem Post, The Hill, Washington Times, RealClearWorld and more, and has myriad television and radio credits including Al-Jazeera, BBC and SiriusXM.

Related Articles

- Advertisement -

Latest Articles