Podcast: CIO Crossroads – CISA Edition

Federal IT has played a critical role in sustaining delivery of critical services to citizens during the COVID-19 pandemic. As the government and the nation take the first steps toward recovery, MeriTalk is chronicling the untold stories – and lessons – of Federal IT operations during three months of pandemic. In this latest chapter of CIO Crossroads, we explore cybersecurity operations at the Cybersecurity and Infrastructure Security Agency (CISA).
Protecting Healthcare in the Storm – CIO Q&A
CISA, a component agency of the Department of Homeland Security (DHS), protects Federal civilian executive branch and U.S. critical infrastructure from physical and cyber threats. It also works closely with organizations in the 16 critical infrastructure sectors to support their priorities.
In an exclusive interview with MeriTalk, Bryan Ware, Assistant Director for Cybersecurity at CISA, reveals the agency’s massive efforts to protect the pharmaceutical, hospital, and public health agency sectors as the pandemic gathered force and slammed into the U.S. With more than 1.8 million COVID cases reported nationwide since late February, and 107,000 deaths from the virus, CISA’s focus on healthcare cyber threats was right on the mark.
The threats to the healthcare sector that CISA has uncovered are downright alarming. The agency has identified and targeted 10,000 critical vulnerabilities, taken action to block 7,000 malware domains, and worked with the Department of Health and Human Services (HHS) to take down another 10,000 fraudulent domains. CISA has notified more than 100 organizations that they are active threat targets, and offered help.
And while the world waits desperately for a COVID-19 vaccine, CISA is beating back efforts by Chinese, Russian, and Iranian government hackers to steal U.S.-based research on vaccine development. The battle is far from over, but CISA’s cyber defenders are taking every measure to make sure that the war is won.
MeriTalk: Tell us about some of your largest priorities and successes during this pandemic.
Ware: The first priority going back to February was to take everything that the Cybersecurity Directorate normally does, look at it through a different lens, and ask, “How can we use all of our assets, tools, capabilities, and knowledge to protect our nation’s COVID response from a cybersecurity perspective?”
My colleagues at CISA’s National Risk Management Center (NRMC) did some really early work to that would get us through the pandemic. We then created the critical infrastructure workers guidance that all the states adopted, to determine who could go to work even when their offices were shut down.
We used that product to focus our outreach to pharmaceutical companies, hospitals, and public health agencies to offer them cyber scanning services. We’ve had those services for a while; they just hadn’t been specifically focused on COVID response. Beyond the scanning, we’ve done threat and vulnerability briefings for industry, and we’ve published products that are specific to the healthcare sector and COVID-related threats. Healthcare became our number-one focus.
Second, I’ve been focused on a strategy, which sets out where we think the world is going to be in five years and what we need to do to modernize this agency and improve our capabilities. We’ve been able to develop and communicate that strategy potentially better while working remotely than in the office – just because we’ve removed meetings and other distractions and can spend some more time on it.
Finally, we’ve kept up with the other important missions that we’re entrusted with, in particular protecting Federal networks and bolstering government cybersecurity.