President Biden’s Department of Homeland Security (DHS) nominees pledged their commitment to elevate the United States’ cybersecurity posture, in order to prevent future cyberattacks, during a May 27 Senate Committee on Homeland Security & Governmental Affairs hearing.
Cybersecurity was a hot topic of conversation during the hearing, with senators referencing the recent Colonial Pipeline ransomware attack and the SolarWinds hack as clear reasons why the United States, including DHS, needs improved cybersecurity.
“DHS should be an example for Federal agencies, but it was hacked,” Ranking Member Rob Portman, R-Ohio, said, referencing the SolarWinds attack. “And frankly, we’re not following the proper cyber hygiene to be able to avoid the attacks. It’s clear that our Federal cyber defenses are lacking… DHS plays an important role in supporting critical infrastructure cybersecurity, and it’s got to work better to support critical infrastructure owners and operators to improve cybersecurity across the board.”
Robert Silvers, President Biden’s nominee for under secretary for DHS’s Office of Strategy, Policy, and Plans, agreed that recent cyberattacks exemplify the need for an improved cybersecurity posture.
“Recent incidents from SolarWinds to Colonial Pipeline, have only further highlighted the urgency to secure critical infrastructure and Federal networks from cyberattacks,” Silvers said during the hearing. “If confirmed, I will focus closely on fortifying DHS efforts on this critical work. The President’s recent cybersecurity executive order, and new authorities enacted by Congress in recent years, set a powerful foundation on which to build.”
“We all saw with the attack on Colonial Pipeline the devastating and cascading effects that a cyberattack, even just on a single organization can have, and the impacts that can be felt downstream by many innocent parties,” he added. “It is just vitally important that the Department of Homeland Security, and other Federal agencies as well, use all tools available and appropriate to mitigate those kinds of threats.”
Silvers also stressed that DHS must look ahead to “emerging threats,” in addition to recent cyberattacks. “This includes threats arising from the adoption of advanced technologies and threats to economic security and our ability to compete with China in the century ahead,” he said.
Sen. Jackie Rosen, D-Nev., brought up the fact the U.S. cyber workforce is facing “a huge shortage,” and stressed that recent cyberattacks “demonstrate the urgency of equipping the U.S. government with cyber talent across the board that’s needed to prevent and respond to attacks.”
Silvers agreed with Sen. Rosen and pledged his commitment to working with the senator to grow the cybersecurity workforce.
“I believe the shortfall of cybersecurity talent in this country is a national security issue,” he said. “I will look forward, if confirmed, to working with you and other members in any way possible to create pipelines of cyber talent to benefit the DHS workforce, and also to then benefit the private sector cybersecurity workforce. I think it’s a wonderful and laudatory goal.”
As for John Tien, President Biden’s nominee to be deputy secretary at DHS, he pledged to strengthen private and public partnerships in order to increase collaboration surrounding cybersecurity and cyberattacks.
“The Colonial Pipeline organization did not have to acknowledge or report to CISA, that they had undergone a ransomware attack… it is this kind of partnership that I believe that the private sector must have, what the public sector must have, with the Federal government,” Tien said.
“In the service of the American people, in particular in the protection of all of the critical infrastructure, not just the pipeline, but of the 16 critical infrastructure sectors, I believe that the private sector can and should, and the public sector can and should, be strong partners,” he added.
Jonathan Meyer was also present at the hearing as President Biden’s nominee for general counsel at DHS, although he did not mention cybersecurity, nor was specifically asked about it.