The new Cybersecurity Advisory Committee will focus on five areas including workforce development, and has room for 12 more members.
Cybersecurity and Infrastructure Security Agency Director Jen Easterly appointed cybersecurity journalist Nicole Perloth and Jeff Moss, a prominent leader in the hacker community, to a Cybersecurity Advisory Committee that is otherwise dominated by industry representatives.
“We’re at a pivotal moment in our history—one that demands we think anew about ensuring the security and resilience of our digital infrastructure in the face of increasingly sophisticated cyber threats. That’s why I couldn’t be more pleased that some of our nation’s best thinkers have agreed to join our Cybersecurity Advisory Committee,” Easterly said in a press release Wednesday. “I look forward to partnering with these distinguished leaders from across industry, academia, and government to tackle some of the most pressing issues of our time.”
In addition to Perloth and Moss, the committee includes Suzanne Spaulding, senior advisor for homeland security at the Center for Strategic and International Studies and the former head of the directorate that became CISA; Steve Adler, the mayor of Austin, Texas; Alicia Tate-Nadeau, director of Illinois’ Emergency Management Agency; and three academics. The remaining 15 members named are from major critical infrastructure and cybersecurity firms.
The Cybersecurity Advisory Committee was authorized by the National Defense Authorization Act of 2021 and allows for a maximum of 35 members. It also requires representation from the defense, education, financial services, health care, manufacturing, media and entertainment, chemical, retail, transportation, energy and information technology and communications sectors.
“We chose people from state and local government, people who have deep experience in cybersecurity technology, resilience, risk management, privacy, because that's important given what we're trying to forge in terms of a collective defense,” Easterly said Wednesday during an event hosted by Fortune, adding that the committee will, “really help me transform CISA into a very partnership-focused agency.”
But the committee’s charter allows Easterly to appoint others as she sees fit and she has highlighted the importance of leveraging the hacker community.
“My friend, Jeff Moss, who started at DEFCON, BlackHat, he's going to help me … to really ignite the power of the hacker community, the researchers, the academics, and that again, is about regaining the offense,” Easterly said. “We've seen way too much of these vulnerabilities that go to nation states [who] then use them against us and because we're all globally connected now—we saw this with SolarWinds, as you well know—we have to be able to find these vulnerabilities so that we can remediate them [and] mitigate risk to all of our infrastructure.”
The 23 individuals will meet at least twice a year and will make recommendations on how to further engage the hacker community; build the cyber workforce; reduce systemic risk to critical functions; combat misinformation and disinformation; and operationalizing public-private collaboration, according to the release.