Welcome to our Cybersecurity Advisory Committee

Author: Jen Easterly

Today I was thrilled to host the first meeting of CISA’s Cybersecurity Advisory Committee. It was a powerful and productive day talking through how to tackle some of the most pressing issues we face as we evolve CISA into the cyber defense agency the nation needs and deserves.

I want to take some time and explain why I’m so excited about the Cybersecurity Advisory Committee and the work we will accomplish together.

First, we are tapping into a terrific group of thought leaders and practitioners to help ensure we have the right strategy, technology, and talent to effectively defend the nation in cyberspace. As you heard last week, I appointed the initial 23 members to serve on CISA’s Cybersecurity Advisory Committee. You can see the list of Committee Members here. I expect to appoint more members later, but this initial group truly hit the ground running during our first meeting today.

Second, I’m excited about the questions we’ll answer together. Through their unique insight, the Committee members will provide recommendations on the development and refinement of CISA’s cybersecurity programs and policies. In particular, I’ve asked the Committee to initially focus on five issues:

• Transforming the cyber workforce
• Turning the corner on cyber hygiene
• Igniting the hacker community
• Protecting critical infrastructure from mis-, dis-, and mal-information
• Building resilience and reducing systemic risk to critical infrastructure

During today’s meeting, I asked for the formation of five subcommittees to dig into these core issues. Several of these subcommittees will empanel additional outside experts to help CISA tap into talent across the cybersecurity ecosystem. In particular, we’re going to set up a Technical Advisory Council, comprised of hackers, vulnerability researchers, and threat intelligence experts to get direct feedback from front-line practitioners whose work is vital to the security of our nation.

Separately, we’re planning to setup a CIO/CISO Council so we can gain insight from those in the trenches protecting companies and critical infrastructure, both on the threat environment and best practices, but also on what can we do to help C-suite leaders and Boards of Directors understand the return on investment in cybersecurity best practices.

One point I made clear to our Members: the work undertaken by the Committee will be guided by our agency’s culture, to include our core values: collaboration, innovation, service and accountability. I couldn’t be more excited for the expertise and counsel the Committee will bring to bear.

This past year has seen its share of breaches that have affected the everyday lives of Americans. Cyber threats, in particular ransomware, have become a kitchen table issue; we need to ensure that cybersecurity, in particular cyber hygiene, also becomes a kitchen table issue.

It’s clear that we’re at a critical juncture in cybersecurity, a moment when it will take our nation’s best thinking to defend against the evolving adversaries looking to do harm to our critical infrastructure. It will require collaboration across government, the private sector, and the technical community. It demands that CISA has the right strategy in place to prepare for, respond to, and mitigate against cybersecurity threats to our Nation’s critical systems. In short, it takes more collaboration than ever before.

I couldn’t be prouder to have the Cybersecurity Advisory Committee Members join us in supporting this critical mission. It’s never been more important.

For the press release sharing the formal readout of today’s meeting, click here.

For more information about the CISA Cybersecurity Advisory Committee, visit cisa.gov/cisa-cybersecurity-advisory-committee.