Top cyber official makes debut calling for more 'ambitious' defenses and wearing a 'Free Britney' shirt

In her first major speech since taking office, Cybersecurity and Infrastructure Security Agency Director Jen Easterly sought to elevate the young agency, pushing for more cybersecurity talent across the US and announcing a new initiative collaborating with the private sector on ransomware and other issues.

Easterly made her debut not in a suit before a Washington policy audience, but directly to the cybersecurity community, wearing a partly covered up “Free Britney” shirt and introducing policy with dance moves, music and a reference to the long-running sitcom “Seinfeld.”
Speaking virtually to the Black Hat cybersecurity conference, which provides security consulting, training, and briefings to hackers, corporations, and government agencies, she told the audience that CISA needs to be more “ambitious” when it comes to building up the cybersecurity workforce in the United States and federal government.
    She made a plea to the cybersecurity community to help build up the nation’s cyber workforce, pointing to the more than 500,000 unfilled cybersecurity positions in the US.

      ‘Much more ambitious’

        Easterly, who took the helm of the agency in mid-July, said CISA is already undertaking multiple efforts, including a program to retrain non-cybersecurity federal professionals and a K-12 program that provides cybersecurity curricula to teachers.
        Despite a host of programs aimed at growing cybersecurity talent, she said, “I believe we need to be much, much more ambitious about this and innovative about figuring out how to inform and educate and really inspire the next generation of cybersecurity professionals from the youngest of ages,” offering a glimpse into her thinking as director.
          She also urged people to come work for CISA — an agency housed within the Department of Homeland Security that was established during the Trump administration. During her speech, she provided a QR code for people to join “team CISA.”
          “My goal is to make CISA the world’s premier cyber and infrastructure defense agency,” she said.
          Easterly is making her push as a new Senate report released Tuesday found that key agencies across the federal government continue to fail to meet basic cyber security standards, with systematic failures to safeguard data.
          Pressed by Black Hat founder Jeff Moss on whether she will be successful at hiring the right talent, she said, “I am going to be relentlessly focused on this.”
          “If I don’t get it done, it won’t be for lack of effort. The government hiring process is Byzantine and really kind of a mess,” Easterly said, acknowledging that there is “huge competition” from the private sector when it comes to recruiting talent.
          Setting the announcement to music that referenced the rock band “AC/DC,” Easterly also unveiled a new effort to ramp up cyber defense planning at the agency called the “Joint Cyber Defense Collaborative” or “JCDC,” which will coordinate planning and operations between the federal government, local officials, and private companies.
          She made the virtual announcement while dancing to the so-called “Elaine dance” from “Seinfeld.”
          The collaboration will initially focus on combating ransomware and cloud provider incidents with companies such as Crowdstrike, Palo Alto, FireEye, Amazon Web Services, Google, Microsoft, AT&T, Verizon, and Lumen.

          ‘Strong encryption’

          Easterly said the goal is for the government and private sector to work together closely “before an incident occurs to strengthen the connective tissue and ensure a common understanding of processes,” in prepared remarks.
          Easterly also appeared to take a swipe at those in the US government, such as law enforcement, that have called for the weakening of digital encryption in order to peer into the otherwise scrambled communications of terrorists and criminals. Critics of encryption have said the technology — which safeguards all businesses and consumers — can allow bad actors to “go dark.”
          Asked to weigh in on the matter, Easterly came out forcefully in favor of “strong encryption,” a term typically used to mean encryption that does not permit secret “back door” access for law enforcement. Law enforcement critics have said that allowing back doors into encryption would create vulnerabilities that would be targeted by hackers and would undermine everyone’s security.
          “We have to have strong encryption to be able to ensure the defense of our networks. It’s foundational, as everybody in this audience knows,” Easterly said, in a response that drew a rare round of applause. “I recognize there are other points of view across the government, but I think as the CISA director and me, personally, I think strong encryption is absolutely fundamental for us to do what we need to do.”
          Easterly, who is only the second Senate-confirmed CISA director, was part of the team that built US Cyber Command before going on to work at the National Security Agency on cyber and counterterrorism issues and serving as senior director for counterterrorism in former President Barack Obama’s National Security Council.
          She was scheduled to appear in-person at Black Hat, along with Homeland Security Secretary Alejandro Mayorkas, but the DHS team decided to participate virtually “out of an abundance of caution,” due to the latest Covid-19 concerns, a DHS spokesperson told CNN.
          Asked how she will differentiate herself from CISA’s first director, Chris Krebs, Easterly said she will focus on putting the right processes in place to be able to take CISA into our next five and 10 years.
            Shortly after the November election, then-President Donald Trump fired Krebs, who rejected Trump’s claims of widespread voter fraud.
            “I think there’s the founder, right. And then there’s the next CEO that comes in and transforms, continues the transformation of the organization,” Easterly said.

            Comments are closed.