RE: WIRED 2021: Jen Easterly Wants Hackers to Help US Cyber ​​Defense


Jen Easterly has his work was cut for him. As only the second director of the U.S. government’s Cybersecurity and Infrastructure Security Agency (CISA), he has to face a historic attack on ransomware attack and disinformation campaigns. Easterly another kind of bureaucrat, though. He’s shown a lot in Black hat cybersecurity conference in August, where he introduced new policy initiatives in AC/DC-backed dance while wearing a “Free Britney” shirt and dragon-emblazoned jeans.

His airy style, however, is not due to lack of experience. The retired Army officer previously served in National Security Agency and helped with Department of Defense building its cyberspace operations. He also served as President Obama’s special assistant on counter-terrorism before moving into the banking sector, where he headed cybersecurity at Morgan Stanley.

In a conversation with WIRED contributing editor Garrett Graff on RE: WIRED event Wednesday, Easterly related to a big move on cybersecurity to Douglas Adams’ Dirk Gently paradigm, where “everyone is connected, everyone is dependent on each other.” This interconnectivity is the product of our digitized world. “So the surface of the attack has grown, and the volume and diversity and speed of data has improved tremendously.” The result: There is a CYBERATTACKS every 40 seconds and one in 10 of the 1.8 billion websites on the internet will bring you malware. “So the big thing that has changed is that cybersecurity has become an issue on the kitchen table.”

At CISA, part of the Department of Homeland Security, Easterly had to move from the more offensive role he played in the Army, NSA, and intelligence community to defense. He said his past experience has helped him understand how his opponents behave and, in turn, develop a sense of empathy for them. “You have to have the opposite empathy,” he explained, “to really understand how the enemy is acting, through the tactics, techniques, and methods they use, to be the best defender you can be.”

To put up the best defense, Easterly would have to increase the size of the newest U.S. government department. That’s part of why he went to Black Hat and Defcon — to reach out to the hacker’s private community. “That’s my community, man,” he said. “We want to burn off the power of hackers and researchers and academia because, at the end of the day, the world is full of vulnerabilities, and I feel like infringement dominates the defense. That’s why I want to make sure we focus the light. and the goodness of communities to help us identify and end weaknesses. So please join us and bring it up. ”

For all the technology involved, Easterly said the hardest part is “about people and human behavior and getting people to change how they behave, and enforce cyber hygiene standards, by to authenticate, patch, and upgrade software. ” More than 90 percent of the vulnerabilities exploited for ransomware attacks, he said, have patches attached to them. Many of us have failed the basics of cybersecurity.

However, he is optimistic about our government’s path forward. “I’m an optimist but I’m more optimistic than ever about how we work together, in government, as a team game and with the private sector as reliable partners.” Through this partnership, he hopes to “create a common picture of the operating environment,” to “plan and exercise in times of peace so that we are ready to work together in times of war.”



Source link

admin

Leave a Reply

Your email address will not be published. Required fields are marked *