Katko Continues Bipartisan Cybersecurity Leadership
WASHINGTON, DC – During a fireside chat with Frank Cilluffo at the Auburn McCrary Institute, Ranking Member John Katko (R-NY) reinforced his bipartisan approach to cybersecurity and infrastructure protection and highlighted how he looks forward to working with a wide range of stakeholders to collaboratively increase the cyber resilience of the nation.
Katko specifically discussed two recent high profile cyber incidents – the SolarWinds cyber espionage campaign and the Hafnium attack on Microsoft Windows Server vulnerabilities – as significant cyber incidents affecting both government and critical infrastructure community that require an evolved approach to our collective defense. While there are multiple highly capable nation state actors we must be vigilant against, Katko described the Chinese Communist Party as the greatest 50-year threat to our homeland.
When talking about the federal response to these major cyber incidents, Katko reinforced his proposed five pillar plan to streamline and centralize federal roles and responsibilities, better understand and manage third party risk, and effectively deter cyber adversaries.
Katko also discussed the importance of information sharing as it relates to renewed interest in passing data breach legislation. He reinforced that lawmakers first must define with specificity what we are trying to solve for. There are related “data breach” lines of effort with distinct nuances – consumer focused breach notification when sensitive personal information is compromised and notification by industry to government of significant cyber events affecting their networks. Too often, these are being blurred together which only further complicates the ability to have thoughtful policy debates. Katko reiterated that he’s committed to an extensive stakeholder feedback process to land on the best mix of carrots and sticks to better incentivize industry sharing of cyber incidents with government.
Katko sees CISA as a natural clearinghouse for increased information sharing, building off the voluntary and non-regulatory partnerships it has already built with 16 critical infrastructure sectors. As a strong supporter of CISA’s vital mission, he said that he sees CISA on a path to becoming a $5 billion agency over the next decade. Key to this maturation will be the swift nomination of a CISA Director by the President and ensuring that the National Cyber Director position, when filled, amplifies but does not compete with CISA’s mandate.