WASHINGTON – The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) held its second annual National Cybersecurity Summit September 18-20, for cybersecurity leaders and experts from government, industry and academia to discuss ways to collectively defend against the threats of today and secure against the risks of tomorrow.
National Cybersecurity Summit events featured speakers and panelists from government agencies, media discussions, exhibits and a job fair. The Summit drew more than 1,000 attendees to the Gaylord National Resort & Convention Center in National Harbor, Md.
“We value our partners who are working with us to defend our Nation’s critical infrastructure,” said DHS Acting Secretary Kevin McAleenan when addressing Summit participants. “Instead, we must leverage the full spectrum of resources available through CISA, industry sectors, and academia to reach our collective goals. None of us alone can effectively defend against all threats.”
Acting Deputy DHS Secretary David Pekoske opened the Summit by putting the National Cybersecurity Summit in the context of the broader DHS cyber mission. He discussed the shared responsibility across government and industry to protect critical infrastructure from physical and cyber attacks by managing risk through partnership, training and capability deployment.
Following Acting Deputy Secretary Pekoske, CISA Director Christopher Krebs delivered a keynote address reflecting on how CISA has grown and evolved as an agency since its first summit in July 2018. Director Krebs stressed the need to “get past information sharing” and emphasized the importance of partnerships. He also urged the cybersecurity community to “stop selling fear” as we gear up for the 2020 elections.
Director Krebs moderated a panel with cybersecurity reporters exploring how media approaches election security and disinformation coverage. This panel was followed by a detailed discussion of disinformation and its effects on democracy by the Foreign Policy Research Institute’s Clint Watts. Office of Management and Budget Federal Chief Information Security Officer Grant Schneider wrapped up the day with a look at the National Cyber Strategy one year after its release.
CISA Assistant Director for Cybersecurity Jeanette Manfra moderated a panel titled “Transforming Government in the Cyber Age,” with Anne Neuberger, Director of the National Security Agency Cybersecurity Directorate; Suzette Kent, Office of Management and Budget Federal Chief Information Officer; Tonya Ugoretz, Deputy Assistant Director of the Federal Bureau of Investigation Cybersecurity Division; and Jack Wilmer, Deputy Chief Information Officer for Cybersecurity and Chief Information Security Officer with the Department of Defense.
The National Cybersecurity Summit opened Thursday morning with a discussion between Senator Mark Warner (D-VA) and Director Krebs on threats associated with 5G and China. This was followed by a panel discussion between leading cybersecurity CEOs Travis Reese of FireEye and Amit Yoran of Tenable.
More than 40 breakout sessions across five separate tracks began Thursday. These tracks included Protect2020, Defend Today, Secure Tomorrow, Insights, and Partnerships in Action. They featured city, state and federal officials alongside industry executives and experts from across the nation.
Keynote addresses closed Thursday’s events. Senator Ron Johnson (R-WI) shared his insights on developing cybersecurity policy that can adapt to evolving threats. Secretary of Defense Dr. Mark Esper then took the stage and expressed his commitment to deterring malign cyber actors from ever impacting U.S. infrastructure—including our election infrastructure—saying, “Moving forward I consider election security an enduring mission for the Department of Defense.”
Acting Secretary McAleenan also closed the day by discussing the progress CISA has made in its first year as an agency and echoing Secretary Esper’s commitment to election security as we head toward 2020.
Director Krebs has made 5G security and resilience a priority at CISA, and 5G technology emergence was a key topic during the National Cybersecurity Summit. CISA announced a 5G testing program with Idaho National Laboratory. The program will begin with 5G handset testing and will later expand to Radio Access Network and other 5G components. Also, CISA released an Overview of Risks Introduced by 5G Adoption in the United States in conjunction with industry in July.
CISA announced its Cyber Essentials framework during the National Cybersecurity Summit. This framework is designed to help state, local, tribal and territorial governments, small businesses and other community organizations manage risk to their networks and information systems. Following the Cyber Essentials framework will help organizations increase cyber risk awareness and improve baseline cybersecurity capacity. The Cyber Essentials framework is based on widely-used frameworks and guidance from both the Center for Internet Security and the National Institute of Standards and Technology. The Cyber Essentials framework serves as a national call to action with all organizations playing a role. Organizations can improve their own cybersecurity or assist other organizations whose cybersecurity posture is less mature.
The Information and Communications Technology (ICT) Supply Chain Risk Management Task Force released its Interim Report at a panel Thursday with the Task Force’s tri-chairs: CISA National Risk Management Center Assistant Director Bob Kolasky, USTelecom Senior Vice President of Cybersecurity Robert Mayer, and Information Technology Industry Council Vice President of Policy and Senior Counsel John Miller.
CISA had more than 20 exhibitors on site and held a job fair at the National Cybersecurity Summit, during which over 700 applicants expressed their interest in joining the CISA team.
For more information on the Cybersecurity and Infrastructure Security Agency, go to https://www.cisa.gov/.