[TheRecord] CISA aims to fill all 50 statewide cyber coordinator posts by year’s end

The Cybersecurity and Infrastructure Security Agency is on track to have 50 statewide coordinators in place across the U.S. by the end of the calendar year, according to a senior official, potentially adding another level of protection against digital threats like ransomware and foreign election interference.

Last year’s defense policy bill required the agency to create the posts as a way to tighten relationships between federal authorities and state and local government officials — a push that has grown in importance since the massive SolarWinds hack exposed gaps in the nation’s cyber defenses.

CISA has 35 state coordinators on board and expects to have all 50 “up and running as we enter calendar year [2022],” Matt Hartman, the agency’s deputy executive assistant director for cybersecurity, told The Record last week.

The coordinators are meant to serve as the go-to point of contact in all state capitals, counseling officials such as chief information officers and secretaries of state about online risks and how to harden their systems against cyberattacks. They are also tasked with raising awareness about the federal cybersecurity resources states can tap before, during and after a digital assault.

States have come under tremendous stress in recent years. The pandemic forced personnel to work remotely and moved both critical and run-of-the-mill services online, exposing sometimes outdated networks to increased hacks and phishing attempts. The ransomware epidemic has also hit a broad range of domestic U.S. targets, including local governments, school districts and even hospitals — which in some instances have only been resolved with federal assistance.

Hartman said the coordinators would help combat malware by advising states to appraise their systems and prioritize what steps can be taken to better safeguard themselves, like implementing multi-factor authentication. 

The advisers will help organizations should they be victimized by ransomware “by ensuring that they have offline backups, ensuring that they have incident response plans. That they’ve tested those plans and that they have business continuity plans, so they can operate in an IT-constrained environment,” he said.

The coordinators will also be a “huge piece” in resolving some of the issues laid bare by the sweeping SolarWinds breach, according to Hartman. 

In that instance, hackers for a Russian intelligence agency rented U.S.-based servers to launch an attack that broke into nine federal agencies and around 100 private entities. The episode caused national security leaders and congressional lawmakers to lament blind spots between agencies with foreign and domestic security missions.

​​“It’s not that we can’t connect the dots. We can’t see all the dots,” National Security Agency Director Gen. Paul Nakasone told the Senate Armed Services Committee in March.

Hartman said coordinators will be able to gather and share information from both the public and private sectors thanks to their presence “on the ground.”

“The first step to connecting dots is to gain better operational visibility. And to gain better operational visibility as the federal government is through a partnership model and through a relationship model,” he told The Record, adding all interactions are strictly voluntary because CISA has no regulatory powers.

Hartman said he wasn’t sure how much the hiring spree would cost the Homeland Security Department’s cyber wing. However, an estimate by the nonpartisan Congressional Budget Office put the price tag of the original legislation creating the state posts — which was later tucked into the sprawling defense policy roadmap — at $37 million over five years.

Filling the posts

Matt Hayden, a former assistant secretary of homeland security for cyber, infrastructure, risk and resilience policy, said “there’s so many benefits from having individuals in the state office that saying it’s long overdue is easy.”

“The hard part is these types of professionals don’t grow on trees.”

A sampling shows the kind of cyber chops needed to fill the posts. For example, South Dakota’s longtime CISO left the state government to take the role. In Rhode Island, the advisor has served as the CISO for the Ocean State’s National Guard. While in Texas, the coordinator previously held several digital security positions.

Hayden noted that CISA has built some “street cred” with statehouses after the agency’s work to help secure the last two national elections against potential foreign interference.

“They don’t have a terrible relationship right now because there was blood, sweat, tears and equity put in in the last four to five years to make sure that if something was going on they had a connection and vice versa, that CISA had the ability to to push information into the hands of staff in every state capital no matter what,” according to Hayden, now vice president at regulatory and compliance company Exiger.

Hartman said that once all 50 coordinators are aboard CISA leaders will work to ensure they have the “appropriate connective tissue” within the rapidly expanding agency — reporting to regional directors and other staff who in turn can pass insights along to headquarters so that “we are all operating on a similar sheet of music.”

The post CISA aims to fill all 50 statewide cyber coordinator posts by year’s end appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[BleepingComputer] ‘Dearthy Star’ pleads guilty to selling info of 65K health care employees

Justin Sean Johnson, a 30-year-old from Detroit, Michigan, has pleaded guilty to stealing the personally identifiable information (PII) of 65,000 employees of health care provider and insurer University of Pittsburgh Medical Center (UPMC) and selling it on the dark web. […] Source: Read More (BleepingComputer)

Read More

[ZDNet] Ransomware: How banks and credit unions can secure their data from attacks

All posts, ZDNet

As ransomware attacks continue to rise, Steve Bomberger, head of SEI IT services, tells ZDNet that it’s crucial banks and credit unions lock down their security measures in order to protect customer’s data and privacy, their own data, and their reputation. Source: Read More (Latest topics for ZDNet in Security)

Read More

[HackerNews] Interpol Arrests Moroccan Hacker Engaged in Nefarious Cyber Activities

All posts, HackerNews

Law enforcement authorities with Interpol have apprehended a threat actor presumably responsible for multiple attacks on telecom companies, major banks, and multinational corporations in France with the goal of stealing customers’ bank information. The two-year investigation, dubbed Operation Lyrebird by the international, intergovernmental organization, resulted in the arrest of a Moroccan Source: Read More (The Hacker News)

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.