In an address by US Representative Andrew Garbarino, a leading House Republican, the need for enhanced coordination between the U.S. government and the private sector to prepare for a major cyberattack was emphasized. Despite a culture of information sharing, both sectors currently lack a coordinated response plan for a significant cyberattack, raising concerns about readiness.
Garbarino highlighted the significance of public-private partnerships, given that 80% of critical U.S. infrastructure is privately owned. In the event of a major cyberattack, clear plans and leadership roles are vital to restore essential services across various sectors, including banking, transportation, healthcare, and energy, which may be impacted.
Congress has bestowed substantial resources and authority upon the Cybersecurity and Infrastructure Security Agency (CISA) in recent years. Garbarino expressed the need for CISA Director Jen Easterly to play a more prominent leadership role publicly.
Additionally, the shortage of cybersecurity professionals in the nation’s workforce was identified as a significant threat. The fragmentation of cyber responsibilities at the local level, especially in smaller municipalities and for critical infrastructure, was highlighted as a hurdle to security readiness. It was suggested that partnerships with other nations, such as the United Kingdom and Estonia, could provide valuable insights and strengthen collective cybersecurity efforts.
Efforts are being made to address these challenges and enhance readiness for significant cyber incidents through collaboration between CISA and public and private sector partners.
Plans to update the National Cyber Incident Response Plan are underway to strengthen processes, procedures, and systems for a coherent and integrated federal government response to major cyber incidents. Initiatives like the Defense Department’s Cyber Training Academy aim to reduce the cyber skills gap in the federal government, although the majority of cyber job openings remain in the private sector, responsible for securing much of the country’s critical infrastructure.