During today’s Senate Homeland Security Committee Hearing, both Committee Chairman Ron Johnson, R-Wis., and Cybersecurity and Infrastructure Security Agency (CISA) Director Chris Krebs agreed that CISA’s role is largely similar to the Federal Emergency Management Agency’s mandate.
Johnson explained that one of CISA’s mandates is to both help state and local governments (SLGs) prepare for attacks and aid in the recovery process following an attack. Krebs agreed, saying he’s setting up CISA to serve in an advisory—rather than a hands-on—role, helping SLGs harden their networks and providing guidance during any recovery process. He did stress that CISA will not come in and repair networks or systems, saying SLGs are responsible for managing their own networks. CISA, instead, will advise SLGs on what broad steps they should take during an attack and what Federal resources are available for them. Krebs also explained that when states are “getting hit up” by vendors, CISA can provide vendor neutral guidance on what technologies and capabilities states actually need.
Kick off the start of spring at MeriTalk’s next Cyber Smoke. Learn More
In regard to how CISA is helping SLGs prepare, Krebs discussed CISA’s Cyber Essentials Recommendations. He stressed the importance of leadership buy-in, training users to practice good cyber hygiene, following identity and access management best practices, and having a good instant response process and recoverable backups.
Christopher DeRusha, chief security officer for the state of Michigan, and Amanda Crawford, executive director for Texas’ Department of Information Resources, praised CISA’s handling of the recent Iranian conflict. During the confl ..
Support the originator by clicking the read the rest link below.
