FBI, ICE Want More Cyber Authority from Congress
Federal cyber leaders clamor for cyber incident reporting legislation amid zero trust implementation.
More federal cyber leaders, including the FBI, Immigration and Customs Enforcement (ICE) and the U.S. Secret Service, called for new cyber-related authority and increased investment in IT and cyber infrastructure to safeguard critical infrastructure from the onslaught of ransomware attacks in a series of recent congressional hearings and virtual events.
The Cybersecurity and Infrastructure Security Agency (CISA) continues to call for mandatory cyber incident reporting, which has garnered Congressional support. The House Homeland Security Committee introduced an amendment to the Homeland Security Act of 2002 that installs a Cyber Incident Review Office within CISA.
But now the FBI wants in on the access to cyber incident data.
In a Nov. 16 hearing before the House Oversight Committee, FBI Cyber Division Director Bryan Vorndran called for federal agencies and private companies to report cyber incidents to the Department of Justice as well as to CISA.
“I know there are several cyber-reporting bills currently being considered, and I can’t stress enough the importance of the FBI receiving full and immediate access to cyber incidents so we can act on them as soon as possible and in unison with our federal partners at CISA,” Vorndran said during the hearing. “The faster we get this information, the faster we can deploy a local cyber threat expert to a victim’s door, track, freeze and seize funds taken, and ultimately hold cyber criminals accountable.”
CISA Executive Director Brandon Wales said legislation for cyber incident reporting should be a “top priority” for Congress.
“We need the information to engage with the victim, offer our assistance, understand what’s happening on their networks and protect other victims,” Wales said during the Nov. 16 hearing. “Even today there is a lot we’re doing across the U.S. government to improve our public-private partnership and enable more cyber defensive activities to protecting the homeland. JCDC (the Joint Cyber Defense Collaborative) brought together the critical government agencies and those companies in the private sector that have the best visibility into the cyber ecosystem. These are companies that can take action on a massive scale.”
Wales and other representatives from the Department of Homeland Security (DHS) also asked Congress in a Nov. 17 House Homeland Security Committee hearing to expand law enforcement authority for ICE and the Secret Service to help hunt down ransomware perpetrators.
ICE’s Homeland Security Investigations (HSI) unit leads many DHS efforts to combat cyber crime, such as vaccine fraud, and receives support from the Criminal Investigation and Network Analysis Center (CINA), a DHS Science & Technology Directorate Center of Excellence, to scour the dark web for cyber criminals and ransomware gangs.
Expanding ICE’s authority in this area to investigate money laundering associated with ransomware could help law enforcement catch cyber criminals faster, DHS argued in its prepared testimony to the House Homeland Security Committee.
The importance of catching criminals or isolating incidents quickly is a common refrain from federal cyber leaders. In a Nov. 3 hearing before the House Homeland Security Committee, CISA Director Jen Easterly said she supports setting up a bureau of cyber statistics within CISA to better analyze and catalogue cyber incidents as they occur, which could help stop cyberattacks faster or at least isolate them.
National Cyber Director Chris Inglis said collaboration, cyber hygiene and quick response times are essential to strong cyber defense, but also said federal agencies need more IT investment in order to keep up with the rapidly shifting cyber landscape.
For many federal agencies, he added, poor cybersecurity is a result of a lack of resources.
“The technical debt, the lack of investment for so many years, is long in the making and won’t be turned around in a fortnight,” he said at the Nov. 3 hearing. “Cyber is essentially a set of open borders. In cyberspace, geography means very little. We have to better identify those threats and secure the infrastructure to bring our resources to bear.”
As federal agencies work to deploy zero trust architectures in accordance with the White House Memorandum on Improving the Nation’s Cybersecurity, leadership buy-in and cyber hygiene are critical.
“A lot of organizations still struggle with basic cyber hygiene,” said Deidra Bass, deputy CISO at the Defense Intelligence Agency (DIA) at the Nov. 18 ATARC Zero Trust Summit. “Encryption is definitely going to be key. Getting really good at the basics is going to position us to be in a better place going forward.”
Jeffrey Lush, CIO of the Air Force’s Air University, advised cyber and IT managers at federal agencies to deploy zero trust incrementally and constantly market their success to leadership to get more funding.
“Without leadership behind you, these kinds of initiatives can sputter out,” he said at the ATARC event. “Where agencies for the most part struggle is the ability to draft out what success looks like. What are those functional requirements that you’re trying to do? Effectively communicate those to get the appropriate funding and support to implement that change. Without those two core elements, there’s a lot of spinning the wheels. This is not a destination, it’s a journey.”
Department of Health and Human Services inspector general CIO Gerald Caron said the future of zero trust is continuous, unending verification due to the continuous, unending nature of cyberattacks. Knowing your assets and prioritizing “discovery” of assets will be key.
Zero trust isn’t just a new way to defend networks, it’s a “paradigm shift” that will take time to implement, Bass added.
“All of [zero trust] deals with identity and access,” she said. “If those accesses are compromised, that nefarious character could have the keys to the kingdom. Identity is priority. At the end of the day, it’s about protecting the data and the people and getting the right people to the right data at the right time so they can accomplish their mission.”
This is a carousel with manually rotating slides. Use Next and Previous buttons to navigate or jump to a slide with the slide dots
-
Facing Evolving Cybersecurity Challenges
Hear from federal cybersecurity experts discuss strategies for staying informed about the latest threats, tools and policies.
30m watch -
GSA Taps Dovarius Peoples as Deputy CIO
Peoples previously served as CIO of the U.S. Army Corps of Engineers and oversaw the service's cloud migration and data modernization.
1m read -
DHS Tabs Cyber and AI as Innovation R&D Priorities
The agency’s plan utilizes AI to better address future threats, secure critical infrastructure and improve workforce efficiency.
5m read -
The Opportunities and Challenges of Securing the 2024 Election
The 2024 presidential election is just under 50 days away, and federal agencies are reassuring voters’ concerns about election security.
4m read