Dive Brief:
- Cybersecurity and Infrastructure Security Agency Director Jen Easterly called on the technology industry to incorporate more security into their products at the design stage, while speaking at the Billington Cybersecurity Summit in Washington D.C. Wednesday.
- The call comes at a time of heightened concerns about attacks against critical infrastructure and essential services in recent years. Federal agencies have made a recent push to encourage developers and critical infrastructure providers to incorporate more resilience at the design stage, making them better able to withstand malicious attacks.
- Easterly said CISA plans to issue a request for information regarding new incident reporting requirements under the Cyber Incident Reporting for Critical Infrastructure Act of 2022, which requires prompt notification of major cyberattacks. Easterly also announced plans for a national listening tour, which would involve 11 separate sessions to generate feedback from local communities.
Dive Insight:
Easterly acknowledged the nation is in a very intense threat environment with a number of recent challenges, including the Log4j vulnerability and other security concerns. However, by working together against sophisticated adversaries, Easterly argued the U.S. can make it very expensive and uncomfortable for threat actors to launch major attacks against the nation.
“Attackers have budgets too,” Easterly said….
