Cyber leaders testifying before the House Homeland Security Committee on Tuesday warned against the government taking an outsized role in defending the private sector against threats from Russia.
Amit Yoran, president and CEO of cybersecurity firm Tenable, said the federal government should be less of a regulator and more of a partner for critical infrastructure as public and private entities respond to warnings of Russian cyberattacks as part of its war against Ukraine.
“I don’t think the US government should take on the role of cyber defense where they’re defending critical networks and critical infrastructure where they might not understand the changes they might make and how those might impact the infrastructure,” Yoran said.
Yoran was responding to a question raised by committee vice-chairman Ritchie Torres (D-N.Y.), who asked whether the U.S. government should play a greater role in defending critical sectors beyond the public guidelines it has issued.
Yoran added that “it is incumbent upon these operators [working in those critical sectors] who understand how the systems work, to defend these networks with the help of intelligence and information from their government partners.”
Yoran was one of four cyber experts invited to testify before House committee members on ways to secure critical infrastructure against Russian cyber threats.
Experts broadly backed recent government efforts to coordinate cybersecurity and said the focus should remain on guidance and information sharing, rather than regulation.
US critical infrastructure is on high alert following ‘Shields Up’ guidelines issued by the Cybersecurity & Infrastructure Security Agency (CISA), urging businesses to remain vigilant amid war in Ukraine and tough Western sanctions against Russia.
The White House and FBI have also issued similar warnings in recent weeks, asking the private sector to beef up its cyber defenses following new intelligence suggesting Russia is exploring “options for potential cyberattacks” against critical infrastructure.
Following up on his initial question, Torres asked Yoran if the federal government should mandate cybersecurity best practices, such as multi-factor authentication, across all areas of critical infrastructure.
Yoran said that while it is important for the government to enforce cybersecurity best practices, it is also crucial for them to know that there is no uniform best practice that would apply to all critical sectors.
“Regulatory agencies and industry agencies should work with CISA and their private sector counterparts to develop and maintain these best practices,” he said.
House members also welcomed a recent law that would require companies in critical industries to report significant cyberattacks within 72 hours and ransomware payments within 24 hours to CISA.
“This is one of the most important pieces of cybersecurity legislation of the past decade,” said Rep. John Katko (R-N.Y.).
“A significant cyber incident and ransomware attacks on critical infrastructure will mean greater visibility for the federal government,” he added.
During the hearing, Katko also asked one of the cyber experts how the government should help CISA strengthen its partnerships with the private sector.
Adam Meyers, senior vice president of intelligence at CrowdStrike, said CISA has done a “phenomenal job” of setting up systems for sharing information, adding that fostering a collaborative environment between government and the private sector is “absolutely essential”.
“I also think that from a defensive perspective, the vulnerabilities that CISA has highlighted as critical to fix, the Shields Up program as well as some of the other initiatives that they have deployed, have been very effective, and I would love to see this continue,” he said.