Federal cybersecurity

Top Cyber Officials Report ‘Significant Progress’ in Federal Cybersecurity

The federal government has made progress in strengthening the cybersecurity of its networks, a cyber official in the White House told a House Homeland Security panel.

Deputy National Cyber Director Chris DeRusha testified that while more work needs to be done, the government has made “significant progress” on priority items, including implementing multi-factor authentication and encryption, The Hill reported Tuesday.

In the past couple of years, the United States faced a series of high-profile cybersecurity attacks, including the Russia-linked hack of SolarWinds that affected at least nine agencies and more than a hundred American companies.

Colonial Pipeline, a pipeline operator that accounted for about 10 percent of the United States’ daily petroleum consumption, was also hit by a ransomware attack that forced it to temporarily halt operations.

“We’ve got a lot of work ahead, but I really feel very good about the progress we’re making and the path we put ourselves on,” DeRusha said.

His statements came after the one-year anniversary of President Joe Biden’s executive order on strengthening federal cybersecurity.

Some of the executive order’s key elements are zero trust security, multi-factor authentication, encryption and better threat information sharing.

Eric Goldstein, the Cybersecurity and Infrastructure Security Agency’s executive assistant director for cybersecurity, testified that the agency has made “tremendous progress” on the executive order’s provisions since the SolarWinds hack.

He added that CISA has launched cybersecurity shared services to increase direct support for other agencies. In April 2020, the Office of Management and Budget designated CISA as a quality services management office, putting it in charge of managing cybersecurity shared services for agencies.