National cyber director declares ‘too soon to say we’re out of the woods,’ as US enjoys dip in ransomware

After a summer marked by big ransomware attacks from suspected Russian gangs, some of those same groups went quiet. National Cyber Director Chris Inglis said Thursday that it’s too early to tell if the trend will hold. “Those attacks have fallen off. Those syndicates have to some degree deconstructed,” Inglis said at an event hosted by the Ronald Reagan Presidential Foundation and Institute. “I think it’s a fair bet they have self-deconstructed and essentially gone cold and quiet to see whether the storm will blow over and whether they can then come back.” Whether they do so will depend largely on whether Russian President Vladimir Putin takes steps to undo the “permissive” atmosphere after U.S. President Joe Biden warned him repeatedly about ransomware attacks originating from his country. “It’s too soon to say we’re out of the woods on this,” Inglis said. The FBI blamed Russian ransomware gang REvil for […]

The post National cyber director declares ‘too soon to say we’re out of the woods,’ as US enjoys dip in ransomware appeared first on CyberScoop.

Continue reading National cyber director declares ‘too soon to say we’re out of the woods,’ as US enjoys dip in ransomware

CISA director unveils cyber defense collaborative center for pre-attack planning

Cybersecurity and Infrastructure Security Director Jen Easterly announced the launch of a cyber defense center Thursday that will seek to foster collaboration before cyberattacks, rather than afterward, between federal agencies, the private sector and state and local governments. Speaking at the Black Hat security conference in Las Vegas in one of her first public appearances since the Senate confirmed her last month to lead the Department of Homeland Security’s cyber wing, Easterly said the Joint Cyber Defense Collaborative (JCDC) would try to enhance teamwork that often happens only after a major incident, such as the past year’s high-profile attacks on companies like SolarWinds or Kaseya. “While some of this work is happening in pockets, most of it is reactive,” Easterly said in prepared remarks. “The unique value add of the JCDC is to create a proactive capability for government and private sector to work together closely before an incident occurs […]

The post CISA director unveils cyber defense collaborative center for pre-attack planning appeared first on CyberScoop.

Continue reading CISA director unveils cyber defense collaborative center for pre-attack planning

Federal agencies are failing to protect sensitive data, Senate report finds

Of eight federal agencies audited for their cybersecurity programs, only the Department of Homeland Security showed improvements in 2020, according to a report from the Senate Homeland Security and Governmental Affairs Committee. Released by the panel on Tuesday, the report expresses concerns about the state of federal agencies’ cyber posture during an overall 8% rise in security incidents across agencies. The report underscores the increased scrutiny of federal cybersecurity by lawmakers in the aftermath of a months-long alleged Russian cyber-espionage campaign the private sector first uncovered uncovered in December 2020. Russian hackers used a flaw in network management software SolarWinds to infiltrate nine government agencies. The report found that seven of the eight agencies reviewed still use legacy systems that no longer have security updates supported by their vendor. The practice can leave agencies vulnerable to foreign hacking, the report notes. “It is clear that the data entrusted to these […]

The post Federal agencies are failing to protect sensitive data, Senate report finds appeared first on CyberScoop.

Continue reading Federal agencies are failing to protect sensitive data, Senate report finds

National cyber director endorses plan for a bureau to collect, analyze threat data

National Cyber Director Chris Inglis called for the creation of a bureau of cyber statistics while outlining his priorities for the office in a speech Tuesday. The idea, initially proposed by Congress’s bipartisan Cyberspace Solarium Commission, would require the Department of Homeland Security to collect, process, and analyze statistics relevant to cyber threats and cybercrimes. It would require organizations that provide incident response services or cyber insurance to report information every 180 days. Inglis was a member of the same commission prior to his current role. “I would observe that to properly address risk we have to first understand it. We have to understand where it’s concentrated, where it cascades, what causes it, and more importantly to then discover how to address it,” Inglis said at an Atlantic Council event. “I think all would agree that in the absence of this information, we are going to be episodic, we’re going […]

The post National cyber director endorses plan for a bureau to collect, analyze threat data appeared first on CyberScoop.

Continue reading National cyber director endorses plan for a bureau to collect, analyze threat data

What’s next for the National Cyber Director?

By Jean Schaffer, Federal CTO, Corelight As the first National Cyber Director begins to settle into office, private industry is very hopeful that this will be one of the turning points to solidify a true private/public partnership for raising the cyber… Continue reading What’s next for the National Cyber Director?

Senate confirms former White House, NSA official Jen Easterly as CISA director after delay

Seven months into Joe Biden’s presidency, an administration confronting several cybersecurity crises finally has a permanent director en route to take over one of the top few cyber posts in the federal government. The Senate on Monday confirmed Jen Easterly as director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency by voice vote. Once she’s sworn in, Easterly — the departing head of Morgan Stanley’s Fusion Resilience Center and a former White House and National Security Agency official — will be busy with the aftermath of a spree of ransomware attacks that have attracted the attention of policymakers like none before. They include incidents at fuel supplier Colonial Pipeline, meat processor JBS and software company Kaseya, where a compromise opened the door for attackers to claim perhaps thousands of victims. In the early months of the Biden administration, officials also have contended with a cyber-espionage operation that […]

The post Senate confirms former White House, NSA official Jen Easterly as CISA director after delay appeared first on CyberScoop.

Continue reading Senate confirms former White House, NSA official Jen Easterly as CISA director after delay

Chris Inglis confirmed as first US national cyber director after Senate vote

The Senate on Thursday confirmed Chris Inglis as the new White House cyber czar, a role it enacted into law late last year. The new role will play a key part in coordinating the government response to major hacks and other cybersecurity threats. Inglis takes on the position as the U.S. has dealt with an onslaught of cybersecurity incidents, including ransomware attacks on Colonial Pipeline and meat supplier JBS. The national cyber director will also lead the implementation of cyber policy and strategy, including efforts mandated by the Biden administration to improve federal cybersecurity. Inglis will be expected to work closely with Anne Neuberger, deputy national security advisor for cyber and emerging technology on the National Security Council, as well as Jen Easterly, Biden’s nominee to lead the Department of Homeland Security’s cybersecurity agency, should she also be confirmed by Congress. Inglis will also coordinate cooperation between the government and […]

The post Chris Inglis confirmed as first US national cyber director after Senate vote appeared first on CyberScoop.

Continue reading Chris Inglis confirmed as first US national cyber director after Senate vote

Biden cyber nominees Easterly, Inglis describe ransomware as urgent national security threat

It’s been two months since President Joe Biden announced his two most important Senate-confirmed cybersecurity picks: Jen Easterly to lead the Department of Homeland Security’s cybersecurity agency, and Chris Inglis to be the national cyber director. During that time, ransomware attacks have forced temporary shutdowns of a major fuel pipeline and a big meat supplier, and Biden has signaled he will raise the issue of harboring criminal hackers in a meeting next week with Russian President Vladimir Putin. Americans got their closest look yet of how Inglis and Easterly would approach those pressing issues during a Senate confirmation hearing Thursday. The nominees labeled ransomware a “scourge” that threatens national security, vowed to work with critical infrastructure firms to improve their defenses, and wondered aloud if additional federal regulations were necessary to incentivize firms to reduce their vulnerabilities to hacking. The U.S. government, Inglis said, must “seize back the initiative that […]

The post Biden cyber nominees Easterly, Inglis describe ransomware as urgent national security threat appeared first on CyberScoop.

Continue reading Biden cyber nominees Easterly, Inglis describe ransomware as urgent national security threat

What the Cyber EO means for federal agencies

By Jean Schaffer, Federal CTO, Corelight For those of us who have spent our careers working in cybersecurity, President Biden’s recent “Executive Order on Improving the Nation’s Cybersecurity,” (EO) held no surprises. However, it is a step toward accel… Continue reading What the Cyber EO means for federal agencies

White House to nominate NSA veterans Chris Inglis, Jen Easterly as national cyber director, CISA chief

President Joe Biden has picked two veterans of the National Security Agency, Chris Inglis and Jen Easterly, for senior cybersecurity positions at the White House and Department of Homeland Security, the White House said Monday. Biden intends to nominate Inglis as the national cyber director and Easterly as the director of DHS’s Cybersecurity and Infrastructure Security Agency, the White House said in a statement. Both positions are subject to Senate confirmation. The nominations come as the Biden administration continues to grapple with two high-profile hacking operations linked to Russia and China that have exposed vulnerabilities in federal, state and local government networks. The national cyber director is a new, congressionally mandated role designed to make the government better at responding to those types of major hacks. If confirmed, Inglis, who spent nearly three decades at the NSA, will be charged with coordinating offensive and defensive operations across the vast federal […]

The post White House to nominate NSA veterans Chris Inglis, Jen Easterly as national cyber director, CISA chief appeared first on CyberScoop.

Continue reading White House to nominate NSA veterans Chris Inglis, Jen Easterly as national cyber director, CISA chief