Private firms won’t have any reservations about supporting the more robust cybersecurity strategy that the Department of Homeland Security will soon release, according to the department’s top cyber official.
The upcoming DHS document — intended for use in and outside of government — is part of an effort to be “much more forward-leaning on using the tools that we’ve got available to us,” but it is “all still totally voluntary” for private firms, Jeanette Manfra said in an interview with CyberScoop. “A lot of the ideas and the concepts [in the strategy] have come from the private sector.”
DHS’s work to make companies more resilient to cyberattacks has always been predicated on trust, without which executives would balk at trading threat data with the government. Manfra hopes that collaboration will intensify. The goal is to be “much more open and transparent in passing information about who is doing what” in cyberspace, she told CyberScoop.
The forthcoming strategy aims to curb “systemic risk” by helping to secure digital tools used across sectors, Secretary Kirstjen Nielsen said Tuesday at the RSA Conference in San Francisco. The document, which a DHS official said could be released next week, will serve as a framework for how federal, state, and local agencies, as well as operators of critical infrastructure, can benefit from the department’s cybersecurity support.
At a CyberScoop event Monday, Manfra said that the U.S. government will continue to call out malicious cyber-activity, but that public shaming must be paired with punitive measures to be effective. The American and British governments said Monday that Russia-backed hackers had carried out a coordinated campaign against internet traffic routers. Rob Joyce, the outgoing White House cybersecurity coordinator, said the hackers could use that router access to launch future hacking operations.
“If we’re going to have a true deterrent effect, if we’re going to make it harder for adversaries to operate, there have to be consequences,” Manfra told CyberScoop on Tuesday.
Asked what punitive measures might be taken, she said that “most of those aren’t DHS’s tools, but [the U.S. government has] sanctions, we have export controls, we have things that aren’t, frankly, as public.”
DHS in March alerted industry to a destructive malware variant that the department attributed to the North Korean government – a trojan that can wipe a machine’s Master Boot Record. It was the latest reminder that North Korean hacking capabilities have grown more potent in recent years.
Manfra told CyberScoop that, to her knowledge, there hadn’t been an uptick in use of that malware in the weeks since the DHS alert.