ICYMI: Katko Highlights Cyber Priorities With Federal News Network
During the interview, Ranking Member Katko reinforced his proposed five pillar plan to streamline and centralize federal roles and responsibilities with CISA, better understand and manage third party risk, and effectively deter cyber adversaries.
Click here to listen to the full conversation.
Cyber Leadership: “I’m thrilled that there is a National Cyber Director again, because we hadn’t had one for quite a while. I really view it as they’re all a team, you have the DoD component, .mil, you have the intel community with Neuberger, and then you have the CISA role. I think all three play a critical role. I’m very happy that that Biden Administration made these moves. Going forward, I’m very hopeful that the exchange of information between the .gov, the .mil and the intel community is better than ever.”
CISA’s Quarterback Status: “With more than 100 different agencies, some have a higher competency than others with respect to their cyber capabilities. That’s a problem. And there’s no real central repository or central director for those agencies. That’s why I think it’s really important that CISA plays a prominent role as a quarterback in the .gov domain, just like DoD is a quarterback for the .mil and Neuberger is going to be the quarterback for the intel community. CISA needs to elevate its role and CISA needs to be that repository. That’s why I really advocated that it’s got to be a much bigger agency.”
$5 Billion Agency: “It’s clear that [CISA] needs to be much better funded. I think it’s going to be a matter of a few years, and they’ll be a $5 billion agency, and rightfully so because cybersecurity is so important. We’ve got to make sure it’s properly handled.”
Vendor Certification Processes: “There’s a number of vendor certification risk judgment regimes in various stages of development across federal government. DoD CMMC and the Federal Acquisition Security Council garner a lot of the headlines. I think working together to ensure that these regimes accomplish their goals of actually reducing risk is critically important. The certification of certifications probably isn’t the path forward, but neither is existing patchwork approach.”