The Cybersecurity and Infrastructure Security Agency announced 23 individuals who will serve as on its newly established Cybersecurity Advisory Committee, pulling in experts on cyber policy from government, industry, academia and the media.
The list includes executives from some of the top tech and cybersecurity companies, including Microsoft Executive Vice President Chris Young; AWS Chief Information Security Officer Stephen Schmidt; Apple Vice President of Corporate Security George Stathakopoulos; Kevin Mandia from threat intelligence firm Mandiant; CloudFlare CEO Matthew Prince and investor; and Tenable board member Niloofar Razi Howe. It also includes cybersecurity consultant Alex Stamos.
Other industry executives include Johnson & Johnson CIO Marene Allison, Tom Fanning of Southern Company and MasterCard CISO Ronald Green.
On the government side, the agency has tapped Suzanne Spaulding, a senior advisor at the Center for Strategic and International Studies and former head of CISA’s predecessor agency, the National Protection and Programs Directorate. Austin, Texas, Mayor Steve Adler and Illinois Director of Emergency Management Alicia Tate-Nadeau were also named.
“We’re at a pivotal moment in our history — one that demands we think anew about ensuring the security and resilience of our digital infrastructure in the face of increasingly sophisticated cyber threats. That’s why I couldn’t be more pleased that some of our nation’s best thinkers have agreed to join our Cybersecurity Advisory Committee,” said CISA Director Jen Easterly in a statement.
The committee’s first meeting will take place Dec. 10 and its work will focus on a broad range of threats facing both CISA and the stakeholders it supports, including disinformation, bolstering the cybersecurity workforce, securing critical infrastructure and improving collaborative relationships between CISA and the broader hacker community. According to a Federal Register notice, the committee will also receive its first classified briefing following the meeting to give members “the opportunity to discuss information concerning cybersecurity threats with senior Government intelligence officials.”
Many of the individuals tapped have significant backgrounds or experience dealing with some of the most high-profile cybersecurity issues that fall under CISA’s purview.
Twitter’s Vijaya Gadde helped steer the company’s evolving disinformation policies through the 2020 U.S. elections, while University of Washington professor Kate Starbird has helped pioneer groundbreaking research over the past decade into how bad actors manipulate social media platforms and leverage the broader internet ecosystem to spread false or misleading information.
Stamos served as chief security officer for Yahoo and Facebook, eventually leaving the latter in 2018 after criticizing the company’s unwillingness to substantively address Russian disinformation campaigns on the platform leading up to the 2016 U.S. presidential election. He has since formed his own cybersecurity consultant firm with former CISA leader Chris Krebs.
Mandia’s firm was the first organization to detect what would eventually become known as the SolarWinds campaign and was instrumental in sounding the alarm to dozens of other affected companies and government agencies.
In a press release, the agency said Easterly had also asked National Cyber Director Chris Inglis to help establish the committee and set its agenda.