Officials press for actionable recommendations from new cyber advisory committee

Top officials at the Department of Homeland Security (DHS) on Friday urged a newly established advisory committee composed of experts from across sectors to propose solutions to help tackle the growing wave of cyberattacks faced by the nation.

The Cybersecurity Advisory Committee, established by DHS’s Cybersecurity and Infrastructure Security Agency (CISA) earlier this month, met in a hybrid format both in McLean, Va., and remotely for the first time Friday. It discussed strengthening the nation’s basic cybersecurity practices and concerns about disinformation, among other issues. 

CISA Director Jen Easterly made clear at the top of the almost three hour meeting that she hoped the advisory committee would “create action” and help move the nation forward in cybersecurity.

“At the end of the day, this is really about implementing those things that will help CISA truly be the nation’s cyber defense agency, that is what the American people need, and that is what the American people deserve,” Easterly said. “I am not looking for a 20 page white paper, I am looking for short papers from each of the subcommittees that give a series of recommendations that we can go ahead and implement.”

DHS Deputy Secretary John Tien made similar comments, telling committee members that “your voices, your thoughts, your brainpower are going to have to help us identify the gaps, the vulnerabilities, and also provide us some thoughts on solutions.”

The committee is made up of almost three dozen individuals with cybersecurity expertise from various sectors, including cybersecurity group Mandiant CEO Kevin Mandia; former Facebook Chief Technology Officer Alex Stamos; Jeff Moss, the founder of the Def Con hacking conference, and Austin Mayor Steve Adler (D).

Representatives from Twitter, Microsoft, Amazon Web Services, Walmart, JPMorgan Chase and Johnson & Johnson, as well as several from the field of academia, are also on the committee. Thomas Fanning, the chairman, president and CEO of utility group Southern Company is the committee chair, while Ron Green, the executive vice president and chief security officer of Mastercard, is the vice chairman. 

The event Friday marked the first official meeting of the advisory committee. It included lengthy discussion around ways to address the nation’s cyber workforce challenges, increase basic cyber hygiene, and rally the hacking community to help the government defend the nation.

Also discussed were ways to reduce systemic risk to critical infrastructure, including elections, and to protect it against misinformation and disinformation.

National Cyber Director Chris Inglis stressed the need for a coordinated approach by the government and the private sector to best protect the nation against cyber threats, which have spiked over the past year amid incidents including ransomware attacks on Colonial Pipeline, meat producer JBS USA and IT group Kaseya.

“A transgressor needs to beat all of us to beat one of us,” Inglis said of his goals for the committee.