Last week, thousands of security-minded professionals descended on downtown San Francisco for the annual RSA Conference. Monday, February 24, featured a Public Sector Day event, which kicked off the big week with a distinct government security focus. The 400-plus crowd of federal/state/local government officials, security specialists and other interested attendees was treated to a number of informative and instructive keynotes, breakout sessions, and panel presentations. Here are the highlights.
Three superior keynotes
Sean Plankey, principal deputy secretary of energy, Office of Cybersecurity, Energy Security, and Emergency Response (CESER), kicked off the morning with a talk titled “What Happened to Manual Mode?” He outlined some of the groundbreaking measures his department is taking to address the acute operational technology (OT) cybersecurity skills gap, such as “Cyber Force” events at strategically located universities.
Bradford Willke, Cybersecurity and Infrastructure Security Agency (CISA) assistant director (acting), spoke about the importance of increasing cyber awareness in government agencies, driving investments that will yield improvements and operationalizing public/private partnerships. Echoing the RSA Conference “Human Element” theme, Willke highlighted the CISA “Partnership as a Service” mindset in collaborating with, and supporting, federal, state and local governments in the battle against cybercrime.
Anne Neuberger, NSA cybersecurity director, delivered encouraging remarks about the increasing level of collaboration between NSA and CISA. Neuberger spoke about her desire to share threat intelligence with key partners, pointing to the recent unprecedented NSA disclosure of the Windows 10 vulnerability as an example of increasing collaboration.
Multiple federal, state, and local government breakout sessions
These sessions covered a wide swath of cyber-centric topics, with election security, ransomware and supply chain security concerns among them. Recurring themes included the need to effectively manage cyber risk in a challenging resource environment and the importance of engaging and collaborating with public- and private-sector stakeholders across the board. As attacks move to include industrial as well as IT targets, this collaboration will need to extend to a broader population to protect our nation’s critical infrastructure.
A capstone CIO/CISO panel
Wrapping up the packed agenda was an insightful CISO and CIO perspectives panel, moderated by Tenable’s CSO Bob Huber, which featured federal and state government IT security executives offering their diverse views on challenges, threats and opportunities in addressing cyber risk.
Texas CISO Nancy Rainosek painted a vivid portrait of the pervasive impacts of the 57 ransomware attacks Texas experienced in 2019. Paul Cunningham, CISO, U.S. Department of Veterans Affairs, discussed challenges in managing his agency’s broad (over 1.3M endpoints) and diverse attack surface – from running the largest U.S. healthcare network to providing financial services to deliver veterans benefits to managing over 25K acres of public land. In his agency, cyber is now on the main risk agenda. Huber summarized by saying, “Given the dialogue of the panelists, security and risk leaders at the national and state levels, limited resources and federated organizations demand a prioritized approach to risk management from a strategic and tactical level. It is evident that basic cyber hygiene is difficult, and even that oftentimes requires a prioritized approach.”
Elsewhere at the RSA Conference, CISA director Christopher Krebs provided an election security update in a presentation that also included his admission that CISA had been “a little late to the game on ransomware” as they were sharply focused on nation-state actors like China and North Korea. He reported increasing CISA involvement with ransomware defense and strongly advised against paying any ransoms.
Final thoughts on RSAC 2020
All in all, the government discussion at RSAC 2020 painted a picture of growing cyber threats in a resource-constrained environment, driving the need for increasingly efficient and collaborative risk-based defensive measures and creative training and skills development approaches. At Tenable, we are responding to these realities with a risk-based vulnerability management strategy that optimizes vulnerability prioritization for a particular IT or IT/OT environment and delivers actionable insights to support informed risk-based decisions. We invite you to learn more: https://www.tenable.com/solutions/vulnerability-management