The Cybersecurity and Infrastructure Security Agency (CISA) is working on a « hardened » cloud environment that it can evaluate through pilot projects with federal agencies, CISA Assistant Director Brandon Wales told Senators May 11 / p> Before the Senate Homeland Security and Government Affairs Committee, Wales testified that Senator Jackie Rosen, D-Nev., asked about techniques used in the SolarWinds Orion cyberattack revealed last December, and how CISA used them Use experience from this hack to identify new vulnerabilities or inform its threat-hunting activities.
Wales stated that the SolarWinds attack was characterized by a « set of small, novel techniques », but also showed that the visibility of CISA is not optimal in terms of the security of cloud services used by federal agencies.
Given the need To fill gaps in federal agency configuration and architecture, Wales said CISA is using a portion of the additional $ 650 million it received under the American Rescue Plan Act to build a « hardened » cloud – To create an environment that it can pilot with Federal agencies, and then share with the rest of the government.
During an exchange with Senator Rob Portman, R-Ohio, the senior member of the committee, Wales said that the CISA’s work on the threat-hardened cloud environment to target the business systems of federal civil agencies.
In addition to those efforts, Wales said, CISA used the latest funding to expand its defensive cybersecurity teams to include more threat-hunting activities in Conduct federal agency networks, deploy new endpoint detection and response tools in federal agency networks, and help agencies move Against zero trust-based security approaches. Elsewhere during the hearing, Senator Portman urged Wales for more information in response to a letter from the committee last month saying the committee needed the information to move legislation forward would respond to the SolarWinds attack.
The Senator did not provide details of a possible bill, but said the legislation would be « more helpful in responding to the types of attacks we are debating today. » In particular, Senator Portman wanted to know more about the extent to which the Department of Homeland Security (DHS) was affected by the attack and cited news reports indicating that the acting DHS secretary’s email account had been breached.
Wales said it refused to discuss this last point during an open hearing but said more generally that « a e small number of accounts « at DHS and CISA had been compromised. He added that the DHS compromise « only affected our business email networks, » not the agency’s operational networks, « which are where most of our security work is done. » Senator Portman reiterated that Committee needs to know the extent of the SolarWinds attack « in order to be able to properly legislate and maintain proper oversight ». Senator Gary Peters, D-Mich., Chairman of the committee, supported Senator Portman on that front, saying, « We need to have the information. »
According to Chris DeRusha, federal CISO, #CDM is fundamental to the Switch to #zerotrust.
DeRusha looks forward to working with Congress on updating #FISMA. #CyberSecurity # CDMCentral21
meritalk.com/articles/feder…
Couldn’t you make it to # CDMCentral21 today? All content is available on request for a year. From keynotes by Chris DeRusha & @ CISAgov by @ OMBPress @ Kevin Cox of CISAgov to exclusive #cyber chats, you don’t want to miss it. View on request: bit.ly/2R8VP9u pic.twitter.com/xVohcVvTSd
That’s a wrap! A special thank you to all of our #CDMCentral21 sponsors for the success of today’s virtual event! bit.ly/2R8VP9u pic.twitter.com/KYtjCmQLUD
Our final session of # CDMCentral21 starts in 5 minutes! For today’s closing of Cyber Chat: The Role of Cyber Automation, join us with Mike Guercio & @ usedgov from Steven Splandez from @ splunk and discuss how #CDM’s #FedIT #zerotrust is bringing automation closer to #zerotrust. pic.twitter.com/YS4aKeDBZG
Next on the # CDMCentral21 agenda: @ CISAgovs @SeanConnellyDC meets with Lisa Lorenzin from @ zscaler for the « Cyber Chat: TIC Talks Revisited » to highlight the important role of # TIC in CDM to discuss the meaning of #zerotrust, &. Join us in 5 minutes: bit.ly/2R8VP9u pic.twitter.com/3bOQm2cKwe
Keywords:
