By Justin Katz of FCW
May 13, 2021
Brandon Wales, the acting chief of the Cybersecurity and Infrastructure Security Agency, conceded on Thursday the dozens of deadlines in the administration's new executive order will "stretch the system" as his agency and others work to enact President Joe Biden's wide-ranging plan to revamp the federal government's cybersecurity.
"I think the community is right to say this is ambitious, this is big, but I think that just reflects what's needed to confront the cybersecurity threats and risks that we face right now," Wales told reporters during an event hosted by the George Washington University's School of Media and Public Affairs.
The executive order, which was published Wednesday night, contains deadlines for CISA, the Department of Homeland Security, the Office of Management and Budget and other agencies to begin reworking the government's cybersecurity with some timelines as short as 30 days from the order's signing.
"Tools like multi-factor authentication, encryption, endpoint detection response, logging, and operating in a zero-trust environment will be rolled out across government networks on a tight timeline," according to a senior administration official.
As the government's premiere cybersecurity agency, CISA will take the lead in implementing many of the initiatives included in the EO. Wales said he was acutely aware of the various deadlines, citing the first one CISA will have to meet in just a few weeks. But he contended they are achievable and that in many cases the work had begun long before the EO was finalized. Having written direction from the White House, he said, gives CISA the power and mandate to finish the job.
"There already has been a significant move towards multifactor authentication across the dot gov, already more than 95% of all network traffic in the dot gov is already encrypted," according to Wales. "That being said, you're right, some of the things in here are going to stretch the system, [they] are going to require us to push hard."
The cybersecurity-focused executive order came as the White House continues to manage the ransomware attack by Darkside on Colonial Pipeline. Energy Secretary Jennifer Granholm, whose department is leading the response, announced last night the company has begun restoring operations.
Wales said on Thursday that CISA expects to issue more detailed guidance to industry later today about indicators of compromise it discovered this week while working with the FBI to investigate the attack.
Bloomberg and the New York Times have reported that Colonial Pipeline paid a ransom to the hackers to resume operations. Wales declined to comment when asked if Colonial has made any payments.
President Joe Biden speaking at the White House today also didn't comment on reports of the paying of the ransom. Biden said the FBI does not believe the Russian government or President Vladimir Putin was directly involved in coordinating the attack, but that the criminals responsible likely live in Russia.
He also called on the Senate to quickly confirm Chris Inglis and Jen Easterly as national cyber director and the head of CISA, respectively, nominations the White House announced on April 12.
CISA: Do Not Pay Ransomware | SIGNAL Magazine (afcea.org)
'Dont Panic' at the Pumps, Biden Appeals to Drivers (bignewsnetwork.com)
'Dont Panic' at the Pumps, Biden Appeals to Drivers (heraldglobe.com)
'Dont Panic' at the Pumps, Biden Appeals to Drivers (manilametro.com)
'Dont Panic' at the Pumps, Biden Appeals to Drivers (japanherald.com)
'Dont Panic' at the Pumps, Biden Appeals to Drivers (hongkongherald.com)
CISA’s Wales Calls on Congress to Require Cyber Incident Reporting – MeriTalk
Colonial Pipeline did pay ransom to hackers, sources now say - CNNPoliticsThe Cybersecurity 202: Biden says the Russian government was not involved with Colonial Pipeline hack - The Washington Post
Colonial Pipeline did pay ransom to hackers, sources now say | WTOP
Hackers demanded 'millions' in ransom from Colonial Pipeline, sources say | Moody on the Market
Sources say pipeline company did pay ransom to hackers – East Bay Times
Sources say pipeline company did pay ransom to hackers (mercurynews.com)
Colonial Pipeline Paid Ransom to Hackers After All (focuswashington.com)
