Biden is interested in reforming FISMA, a candidate to lead CISA

President Joe Biden’s nominee says cybersecurity and the need for Congress to pursue efforts to hold federal agencies accountable for cybersecurity by considering changes to the Federal Information Security Modernization Act. He said he would lead an infrastructure security agency.

“I know there was some discussion [Federal Information Security Modernization Act] Reforms to ensure that accountability is properly structured … I think that’s a very important debate, and I look forward to working with this committee once it’s confirmed. “I will,” said Jen Easterley.

Testified on Easter in front of the Senate Department of Homeland Security and Government Affairs on Thursday With Chris Ingris, Candidate for National Cyber ​​Officer, and Robin Kanahan, Candidate for Head of General Procurement.

Legislators need to clarify agency incident reporting responsibilities, supply chain scrutiny, and technology modernization efforts in the context of rebuilding the basic law as a result of a series of breaches involving pandemics and federal agencies. I have stated.

“Most of the rapid policy work and budget allocations done by Congress, as we all did, need it because it is outdated or non-functional technical systems or similarly non-functional. I’ve witnessed the horror of not being delivered to those who do, and cybercriminals were trying to use it to steal money, “Kanahan said.

Kanahan also said the GSA should work to remove certain Chinese technologies from the federal system under Article 889 of the National Defense Authorization Act 2019.

“As the GSA’s chief buyer, I think it’s important to strengthen our supply chain to ensure compliance with Section 889,” he told Senator Josh Hawley of Missouri. “In my understanding, that’s fine, but in the end, there’s no excuse for not just getting it done. There are factors that prevent it from fully implementing it and enforcing these rules. I don’t know what it’s like right now, but if I can, I’m interested in finding out the truth about the problem as soon as possible. “

Republican Senator James Lankford said all three candidates were responsible for dealing with removal orders like peripheral companies such as Huawei in China and Kaspersky in Russia, and their approach was I asked what would happen in the future.

Kanahan said he would consider automation as a way to better monitor the supply chain. At Easter, he referred to CISA’s position on the Federal Procurement Security Council, an inter-agency group capable of recommending such removal orders, with the agency and the Public-Private Information and Communication Technology Supply Chain Risk Management Task Force. He said he was looking forward to working with him. Within the CISA. Ingris said that having access to the National Security Council from within the White House would put National Cyber ​​Officers in a position to advise on legal issues that could result from such exclusion orders. Stated.

Senators also asked candidates to explain how they would impact the government’s cybersecurity talent shortage.

Kanahan said the government can benefit from understanding the attractiveness of positions that enable remote work and looks forward to hearing from the GSA Task Force about the future of work.

Easter emphasized the importance of organizational culture. “We need to build a culture of excellence that emphasizes inclusion, innovation, collaboration, empowerment and ownership so that people get up in the morning, love their work, enjoy their teammates and work for whom. I like it, “she said. “This is the way to attract and retain the best talent.” She also pointed out that she needs to leverage a diverse pipeline for talent.

Ingris agreed. “I think we need to rethink what the basic qualifications are for taking one of these jobs. Not all jobs require a bachelor of science in computer science,” he said. Told. “Many of them need good critical thinkers, people with good work ethics. To get them into these jobs so that they can make positive changes quickly. You need to open the door. “

Inglis advocates planting seeds for viable cybersecurity jobs as part of the kindergarten to grade 12 education system and supports an early start.

“We found that the pipeline wasn’t generating enough, both in terms of diversity and in literal numbers,” he said. “We need to get these pipelines to work.” Biden is interested in reforming FISMA, a candidate to lead CISA

Back to top button