RE: WIRED 2021: Jen Easterly wants hackers to help US cyber defense.

Jane Estherley has. His work is over for him. As only the second director of the US government’s Cybersecurity and Infrastructure Security Agency (CISA), it will have to deal with the historic onslaught of ransomware attacks and misinformation campaigns. However, Estherley is a different kind of bureaucrat. She made the show at the Black Hat Cybersecurity Conference in August, where she introduced new policy measures for AC / DC-backed dance wearing a “Free Britney” shirt and dragon-shaped jeans.

Its sharpness, however, is not due to lack of experience. The retired Army officer first served in the National Security Agency and helped the Department of Defense set up cyberspace operations. Prior to emigrating to the banking sector, he also served as President Obama’s special assistant on counterterrorism, where he headed cybersecurity at Morgan Stanley.

In Wednesday’s RE: In a conversation with Garrett Graf, WIRED’s co-editor at the WIRED event, Estherley linked a major change in cybersecurity to Douglas Adams’ Dirk Gentley paradigm, where “everything is connected, everything.” Depends on each other. ” This interconnection is a product of our digitalized world. “Therefore, the level of attack has increased, and the volume and variety of data and speed has increased rapidly.” Corollary: Every 40 seconds there is a cyber attack and one in 10 of the 1.8 billion websites on the Internet leads you to malware. “So the biggest thing that has changed is that cybersecurity has become a kitchen table issue.”

At CISA, as part of the Department of Homeland Security, Estrella should move toward defense from a more aggressive role in the military, the NSA, and the intelligence community. She says her past experience helps her understand how her opponents work and develops a sense of empathy for her. “You have to be sympathetic to the adversary,” he explained, “to really understand how the adversary works, through the strategies, techniques and methods they use, you become the best defender. May be able to. “

For better defense, Estrella will have to enlarge the new US government department. That’s why she went to Black Hat and Defcon to reach out to the private hacker community. “This is my community, man,” he said. “We want to ignite the power of hackers and researchers and educators because, at the end of the day, the world is full of vulnerabilities, and I think crime dominates defense. So I want to make sure that we We are using the strengths and weaknesses of these communities to help us identify and address these weaknesses, so please partner with us and move on.

Of all the technologies involved, Estrella says the hardest part is “about people and human behavior and helping people change the way they work and the basics of cyber hygiene, verification, patching.” , And implement through software upgrades. ” He said that more than 90% of vulnerabilities were exploited for ransomware attacks, with patches attached to them. Many of us are failing at the basics of cybersecurity.

However, they are optimistic about the way forward for our government. “I’m optimistic but I’m more optimistic than ever about how we can work together in government, as a team sport and as a reliable partner with the private sector. Can. ” Through this partnership, she hopes to “create a common picture of the operating environment,” to “plan and practice in times of peace so that we are ready to work together in times of war.”


Add a Comment

Your email address will not be published. Required fields are marked *