Increased Cyber Defenses are the New Normal, Top Cyber Officials Say

An enhanced cybersecurity posture is the status quo, federal cyber leaders said at the RSA Conference Tuesday, adding they will leverage greater intelligence-sharing and collaboration, diverse skillsets and increased visibility to cultivate the new normal.

The sentiment follows growing acknowledgement that the rapid increase and frequency of cyberattacks since 2020 is not simply a symptom of physical conflicts or the global COVID-19 pandemic, but representative of the cyber landscape’s “new normal.”

Earlier this year, the Cybersecurity and Infrastructure Security Agency (CISA) launched the Shields Up campaign to build cyber resilience amid rising cyber threats stemming from the war in Ukraine.

Due to an emerging cyber landscape rife with cyber and ransomware attacks from nation-state actors and dark web ransomware-as-a-service offerings, Shields Up is here to stay.

“At the end of the day, we need to keep our shields up, because this message has actually resonated not just with the American people, but it’s resonated with CEOs and business leaders who get that they need to empower their CISOs, which is one of the key recommendations we made on the Shields Up webpage, and ensure that there are the resources and the investments in place to be prepared to be able to not prevent, quite frankly, but to respond and recover effectively to mitigate risk,” Easterly said during an RSA panel.

White House National Cyber Director Chris Inglis said the crisis in Ukraine was a clear indicator that U.S. agencies and industry partners need to work together closely to successfully identify and mitigate national cyber threats moving forward.

“It was clearly a declaration of a thunderstorm on the near horizon,” he said, referencing recent Russian cyber threats. “What everybody wanted to know was, when is what going to happen? … In order to determine that, we have to actually combine all of our insights, all of our capabilities, all of our authorities, because no one of us is probably going to see it for what it is.”

Robert Joyce, Director of the Cybersecurity Directorate at the National Security Agency (NSA), said the intelligence community suspected malicious cyber activity would increase after Russia invaded Ukraine, further validating the need to double down on cybersecurity efforts across federal agencies and critical infrastructure sectors.

“We knew about real intentions, and that was the level of intel granularity,” Joyce said. “It is hard to strike that balance of, we really do know that there is bad intent out there, but we may not know [specifically] where it’s going to strike, and I really like the storm and lightning analogy, because it’s very appropriate.”

To maintain a heightened state of cyber defense, Easterly, Inglis and Joyce said it’s essential to build trust across federal and private-sector stakeholders. Easterly said the Cyberspace Solarium Commission call to develop a Joint Cyber Planning Office, which CISA launched as the Joint Cyber Defense Collaborative (JCDC), will help her and her counterparts meet this goal.

“We want to be able to share that visibility so that we can identify those dots, connect those dots and drive down risk to the nation at scale, and we’ve been extending that since the war in Ukraine and started working together, planning together, implementing what we call and operational collaboration model where we’re sharing information in near-real time,” Easterly said. “It’s starting to build momentum, but most importantly, it’s starting to build trust.”

CISA is considering the development of an advisory framework that will also determine scale and level of cyber threats based on national security agencies’ intelligence information, Easterly added. This framework will help federal agencies consider a “more thoughtful way” of considering and communicating threats.