Federal security official warns of ‘converged, hybrid threat landscape’ in cyber era
Published: Aug 23, 2019 3:49 PM
By Chris Anthony
Cybersecurity and Infrastructure Security Agency Assistant Director Brian Harrell outlined unique cyber threats facing the national infrastructure and pledged his agency’s assistance in addressing them head-on Friday.
Speaking at an event hosted by Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security, Harrell warned that cyber threats facing our nation’s energy sector, manufacturing centers, water supply and other critical infrastructure have necessitated a shift in the security landscape.
“There is a convergence between physical and cybersecurity,” Harrell said. “Today, we can no longer live in these silos – the cyber silo, the physical silo and the emergency management silo. It is a converged, hybrid threat landscape today.”
Established in 2018, CISA is a unit of the Department of Homeland Security and has been tasked with providing resources and best practices to minimize cyber and infrastructure risks to the federal, state and local governments as well as private industry and other organizations.
Director Chris Krebs unveiled the agency’s new strategic intent during a talk at Auburn University on Thursday. Harrell elaborated on the agency’s operational priorities, which include:
- Addressing the risk posed by China on our supply chain through 5G and other technologies
- Providing comprehensive election security resources
- Implementing measures to secure soft targets and crowded places from attackers
- Driving federal agencies to make risk-informed cybersecurity decisions
- Reducing risk to industrial control systems upon which our critical infrastructure depends
Harrell said CISA looks forward to working with governments and industry to strengthen cyber and critical infrastructure.
“We pride ourselves on being the nation’s risk advisor,” he said. “We are not the nation’s risk managers. That is industry’s job. The majority of critical infrastructure, about 85 percent, is owned and operated by private industry.”
Regarding election security, Harrell stressed that our elections are already safer following the creation of an Election Security Information Sharing and Analysis Center.
“Prior to the 2016 election, that information sharing conduit, that channel back and forth to share information, really wasn't there,” he said. “Today, that is there.”
Harrell said CISA is also working on other security issues, such as school safety, insider threats and risks involving drones.
He stressed that CISA is a willing partner on these issues and has established field offices across 10 regions of the United States. The field offices are providing subject matter expertise at the local and state levels.
“You actually have a local field rep that eats, breathes, sleeps and lives in your community,” Harrell said. “[That representative] knows your issues, knows your crime stats, knows your politics and eats at your diners. That’s a great resource to have.”
A question-and-answer session with Frank J. Cilluffo, director of Auburn’s McCrary Institute for Cyber and Critical Infrastructure Security, followed the talk, in which Harrell elaborated on threats and challenges involving cybersecurity and infrastructure security.
Video of the talks by Krebs and Harrell are available on the McCrary Institute website.
Auburn University is one of a select group of institutions designated as a National Center of Academic Excellence in Cyber Defense Research, Cyber Defense Education and Cyber Operations by the National Security Agency. Auburn conducts pioneering cyber research through its Cyber Research Center, Center for Cyber and Homeland Security, and McCrary Institute for Cyber and Critical Infrastructure Security.
Media Contact: , austinp@auburn.edu, 334.844.2444