Official Says US Cyber Coordination Never Stronger; Portman Skeptical

Rob Portman, R-Ohio, expressed skepticism, noting the “most massive attack” in U.S. history went undetected for more than a year before the private sector, not government, discovered it. If everyone's in charge, no one is, said Portman, citing cyber leaders at CISA, the FBI, OMB Federal Chief Information Security Officer Chris DeRusha and a cyber director position soon to be installed in the White House. Everyone has a key role, and we “work quite well together,” said DeRusha. Portman noted that CISA’s Einstein program, which is supposed to detect and block cyberattacks against the federal government, has cost about $6 billion. “Clearly, it was not effective in stopping the SolarWinds breach or even recognizing that it occurred,” he said: Einstein expires at the end of next year, so “it’s a good time to consider its utility and how it can be improved.” Part of the challenge is that you can only “secure what you can see,” said Wales. Adversaries move quickly from server to server, and their attacks are designed to stop the U.S. from knowing where they’re coming from, he said: Traditional systems aren’t working, so the U.S. needs to deploy new types. The FBI is working to understand who did this activity and why, while coordinating with CISA, said the FBI Cyber Division's Tonya Ugoretz. The agency will deliver an after-action report to Congress, she said. The process for responding to cyberattacks “desperately needs to be modernized,” including improvements to the Federal Information Security Modernization Act, which hasn’t been updated since the creation of CISA, said committee Chairman Gary Peters, D-Mich. Stakeholders need a centralized, transparent and streamlined process for sharing information, he said.