Since the SolarWinds hack of 2020, the federal government has been attempting to address the vulnerabilities revealed by the cyber attack and provide more funding for cybersecurity solutions. But is it enough?
To answer that question, we spoke with cybersecurity expert James Hayes, vice president of client Tenable Network Security, about the Biden administration’s cyber policies, funding packages and approach to cybersecurity in the United States. Here’s our Q&A:
RH: What was your initial reaction to seeing the Biden administration call for increased cyber funding in its COVID relief plan? Were you/the industry encouraged to see such strong support for cybersecurity?
JH: Absolutely — the administration called out cybersecurity and IT modernization as priorities early on, and it’s great to see the White House taking proactive steps in a post-SolarWinds world. While cybersecurity may not seem directly related to COVID relief at first glance, digital services have been the backbone of our society for the past year. From healthcare to government services to work from home environments, so much of our daily lives shifted online, and bad actors noticed. Securing the federal network as part of the COVID relief plan was critical to ensuring federal, state and local governments continue to function and provide services to the public, and Congress recognizing this made a significant difference.
RH: Only a fraction of the proposed funding ended up in the legislation passed by Congress (~$2b vs ~$10b). Is that enough?
JH: CISA received significant funding in the final legislation that will be crucial to giving them the resources they need to effectively complete their mission. However, there are still gaps, and CISA’s mission is increasing in scope and scale nearly every day. While the $650m they received is a great start, the organization is in need of continued maturity, and as Rep. Katko recently stated, we have to scale the agency’s funding to ensure they are properly equipped with the right resources to defend the nation’s digital infrastructure.
RH: Cybersecurity funding was originally stripped from the COVID relief package. How did the industry communicate the importance of cyber to COVID relief? Where do you see additional opportunities to stress the importance of cybersecurity with the Biden administration in the coming weeks?
JH: There was significant concern within Congress that the COVID relief package was too broad and needed to focus directly on COVID-related relief — and that was a legitimate concern. But the industry has long believed strong cybersecurity is critical to economic recovery efforts. Schools across the country have seen a massive uptick in ransomware attacks that have delayed in-person learning. State and local governments working to distribute aid to those in need have been attacked, and people who need support have struggled as a result of these digital attacks. Meeting with members of Congress and the media to highlight these issues was critical to having cybersecurity funding included in the final version of the bill.
RH: What’s next for cyber with this administration? Do you see this administration prioritizing cybersecurity broadly?
JH: Earlier this month, President Biden made several key nominations to cyber positions, including the National Cyber Director. Getting this role confirmed will be a significant step forward for the administration’s cyber efforts, giving the administration a single point person and advocate for all things cybersecurity. We’re also keeping a close eye on the infrastructure plan. Digital infrastructure must be included in any infrastructure legislation, an issue I have been advocating for years, and recently wrote about with McAfee’s Tom Gann . We have a once in a generation opportunity to address previous injustices through this infrastructure package by focusing on things like equitable broadband access, improved public transportation, modern electric grids and more.
RH Strategic is a Seattle and D.C.-based communications firm with a nationwide presence and additional global reach via membership in the Worldcom Public Relations Group. We provide strategic public relations for innovators in the technology, government and healthcare markets.