CISA Director Looking for 'Unlikely' Partnerships in Cyber Fight
Jen Easterly, Director of the Cybersecurity and Infrastructure Security Agency, prepares to testify during her confirmation hearing. Bill Clark/CQ-Roll Call, Inc via Getty Images
At DEF CON, Cybersecurity Infrastructure Security Agency Director Jen Easterly highlighted her agency’s efforts to collaborate with the private sector to meet mission demands.
Cybersecurity Infrastructure Security Agency Director Jen Easterly emphasized that the unlikely partnership between Run D.M.C. and Aerosmith to collaborate on the song 'Walk this Way’ is similar to the unlikely partnership needed between CISA and the hacker community to advance national cybersecurity.
In a discussion at hacker conference DEF CON with its founder and president Jeff Moss–––also referred to as Dark Tangent––– she emphasized the importance of partnerships between the federal government and the hacker community to advance CISA’s mission. Easterly and Moss also discussed CISA’s efforts to grow its partnerships with the hacker community and others in the private sector.
“The thing that we’re fighting against is ‘how can we do things much more like the private sector and battle the government bureaucracy?’ ” Easterly said. “We’re starting to have a lot of good success, and part of it is, ‘how do you build those trusted partnerships?’”
Moss noted the importance of letting people build relationships with an organization like CISA, so when there is a problem people trust it. Easterly asserted that that is the reason why DEF CON and other opportunities to build relationships with people are vital for CISA.
“The question is, how do you actually build trusted partnerships between the federal government and all of the partners that we need to work with,” Easterly said. “Our job is to defend critical infrastructure and we don't own the vast majority of critical infrastructure. So, you have to have trusted partnerships so we can work together to make sure that everybody has the guidance and the resources and the tools to be able to defend the nation.”
She emphasized that in order to create trust between the government and all stakeholders, it is important to first approach it with humility.
“We certainly can’t solve this problem as a government, we don’t have all the answers, so humility, I think, is truly important,” Easterly said. “Vulnerability is an incredibly important thing when you’re talking about building trusted relationships. I think transparency is something we always talk about transparency builds trust. And that’s huge for me. And then finally, gratitude, bringing together a community and sort of figuring out how we can appreciate what every side is bringing to the table.”
Easterly also highlighted the efforts of the Joint Cyber Defense Collaborative, Cybersecurity Advisory Council, Technical Advisory Council, and the Cyber Safety Review to have trusted partnerships and fulfill CISA’s mission. She noted CISA’s international partnerships with other countries’ respective agencies to help engage in cybersecurity and defense. Easterly also discussed working with state and local governments as well as providing resources to small businesses and recruiting diverse talent to join CISA.
“I am such a fan of the incredible power of the researchers,” Easterly said. “I’ve seen the power on the government side, but on the private sector side, we are really leaning into working with everybody who wants to be part of this community. These types of collaborations are just so absolutely critical.”
Both Moss and Easterly noted the importance of companies, particularly those manufacturing technology to put cybersecurity as a priority in their products.
“We want to actually ensure that all of our partners are building resilience into their systems,” Easterly said.
Echoing White House Cyber Director Chris Inglis, Easterly stressed the importance of defense.
“Our Northstar is defense,” she said. “I think defense is the new offense.”