Reiterating that Russia interfered with the 2016 presidential election, Department of Homeland Security Secretary (DHS) Kirstjen Nielsen Tuesday stated the U.S. “will not tolerate this meddling” and announced the creation of a National Risk Management Center that will "identify, assess and prioritize efforts to reduce risks to national critical functions which enable national and economic anxiety."
Speaking to cybersecurity pros attending the DHS Cybersecurity Summit in New York, Nielsen said, “A Category 5 hurricane has been forecast. And now we must prepare."
Phil Neray, vice president of industrial cybersecurity at CyberX, praised the government for “putting more focus on coordination and information sharing,” but added,“until we define minimum security standards for critical infrastructure, we'll continue to be vulnerable to nation-state threats.”
Matthew Chiodi, vice president of cloud security at RedLock, said the center "appears to go one step beyond what the FBI created back in 1996 with InfraGard," which took "an independent chapter-driven approach linked to a local FBI field office."
The National Risk Management Center, instead, "will be staffed and centralized at DHS headquarters," he said.
Chiodi noted that since the private sector controls the bulk of the country's critical infrastructure, much of which will be moving to the cloud, private sector controls a vast majority of the nation's critical infrastructure and much of that is going to be moving to the cloud "where misconfigurations can and often do have catastrophic impacts, the timing for this announcement underscores that cyber threats have rapidly outpaced physical threats."
He said the focus must go beyond simply securing data to protecting human life. "DHS's announcement is a much-needed move in the ever-evolving cyber battle against determined nation states and other rogue actors seeking soft targets with the highest impact,” Chiodi said.