Ride the Lightning

Cybersecurity Experts: What Biden Needs to do in His First 100 Days

February 2, 2021

On February 1, the Washington Post (sub.req.) reported on what experts think the new administration should do with respect to cybersecurity in its first 100 days. President Biden has promised that cybersecurity will be a top priority. Note: The Cybersecurity 202 Network is an ongoing, informal survey of more than 100 cybersecurity and privacy experts from government, the private sector and academia.

Responding to the SolarWinds compromise, which resulted in the largest hack of government agencies in recent times, was the first priority cited by experts.

Biden is on this already. He called for an investigation into the Russian hack and raised concerns about Russian hacking in a call with President Vladimir Putin. He has not yet committed to any retaliatory action.

Here are some of the experts' recommendations:

1. Biden should fill out his cybersecurity team.

Two key positions remain unfilled: the White House cybersecurity czar — a Senate-confirmed position newly required by a recent defense bill — and director of the DHS's Cybersecurity and Infrastructure Security Agency.

Filling those roles will be key to recovering from the attack, said Debora Plunkett, a former National Security Agency director of information assurance. "The most important thing the administration can do is to organize the senior-most cybersecurity roles and clearly assign [and] identify responsibilities," Plunkett said. "There is much work to be done and having the right structures in place will enable the work to be done more efficiently."

2. The government needs to spend more money on cybersecurity, several experts said.

Biden has already called for roughly $10 billion in funding from Congress for cybersecurity and information technology in his coronavirus relief proposal. That includes $690 million for CISA.

3. DHS shouldn't be the only priority, some experts note.

"[Biden is] building a good staff for [the National Security Council] and CISA, but the authority to improve critical infrastructure cybersecurity is spread over several regulatory agencies that will require very pointed oversight and coordination (and maybe some new authorities) to address pipeline, power grid and telecom security," said Stewart Baker, former NSA general counsel and first assistant secretary for policy at the Department of Homeland Security.

Biden should also "substantially beef up cybersecurity support" for Health and Human Services as it faces increased threats to the coronavirus vaccine data and supply chain, said Greg Garcia, executive director for cybersecurity of the Health Sector Coordinating Council.

The State Department also has a major role to play, they said. "Elevate the State Department's role in cyber defense: It's tempting to focus on NSA, CIA, and DHS, but the administration will need a fresh diplomatic effort to lead international cyber policy initiatives," said Laura Galante, a senior fellow at the Atlantic Council's Cyber Statecraft Initiative. "State's ability to reshape perceptions of U.S. cyber operations could have outsized effects on Russia and China's actions in this domain and beyond."

4. Partnerships with the private sector could take center stage.

"Improving cybersecurity also means strengthening relationships and the private sector and building partnerships in the tech industry, which is on the front line of fighting this battle every minute of every day," said Jay Kaplan, co-founder of Synack. "Ethical hackers and researchers inside cybersecurity firms, cloud providers or online retailers understand what it takes to defend against the threat and can help build better cyber defenses."

A Biden administration could also build on growing law enforcement efforts to crack down on cybercriminals. "Subject the criminals behind the ransomware scourge to serious consequences," said John Hultquist, director of intelligence analysis at FireEye.

5. Biden also should consider investing in innovative techniques, several experts suggested.

Michael Daly, chief technology officer for cybersecurity and special missions for Raytheon Intelligence, is calling for a "National Cyber Moonshot" initiative to boost the defenses of national and critical infrastructure. He's also calling for more investment in "scalable and automated" solutions that can help detect breaches.

Daly is also recommending that Biden "drive Cyber Command and the National Cyber Mission Forces to collaborate with CISA and the NSA to bring more active defense measures in partnership with the private sector to suppress future cyber attacks."

Marcus Fowler, director of strategic threat at Darktrace, also suggested that Biden should embrace autonomous defense systems that are trained to stop sophisticated attacks without being told what to do by a human. "Deterrence and defending forward are no longer enough to protect against or disrupt the new era of cyberthreats we are facing," Fowler said.

6. Biden also should look toward international allies, experts say.

We can't do it alone, according to the experts.

Kaplan suggested that the United States join the Paris Call, an initiative led by the French government for international allies to combat cybercrimes, as one step toward international coalition-building. "We need the combined strength of our democratic allies to beat back the onslaught of breaches and hacks that are infiltrating sensitive industries, harming health care institutions in the midst of a pandemic and threatening national security," Kaplan said.

"He should signal — in as many ways as practical — that cybersecurity will be a priority for this administration's first 1,000 not just 100 days," said Steve Weber, founder and director of the Center for Long Term Cybersecurity at the University of California at Berkeley. "It's the 1,000-days horizon where concrete progress can be made."

There is, in the article, a considerable number of further recommendations by experts.

I liked this one in particular: Eva Galperin, Electronic Frontier Foundation's director of cybersecurity:

"Support strong end-to-end encryption." Wouldn't that be refreshing as a government stance?

And one last notable quote: "I fear that we do not know how Russia could take advantage of the access and information it may have obtained, and we likely won't know until it's far too late," Sen. Richard Blumenthal (D-Conn.) said. "The cleanup of this breach will be extraordinarily difficult …, but we cannot cut corners and just hope that the Russians left."

Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225|Fairfax, VA 22030
Email: Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson