On Tuesday, May 17th, Axios chief technology correspondent Ina Fried and Axios Today host and editor Niala Boodhoo led conversations examining the cyber threat landscape in 2022, the wide-ranging impact of attacks and how nations and the private sector are collaborating on solutions. Guests included Rep. John M. Katko (R-N.Y.) and Belfer Center for Science and International Affairs Cyber Project executive director Lauren Zabierek.
Rep. John M. Katko discussed what he sees as the biggest cyber threats to America stemming from Russia’s invasion of Ukraine, the importance of a strong social contract between critical infrastructure and government agencies and the top priorities for Congress’ cybersecurity partnership with the White House.
- On Russia using cyber attacks during their invasion of Ukraine: “It’s an act of war with them on this level. They have threatened to do the same with us as far as cyber attacks. We are fully preparing to try and anticipate just such an attack, and there’s no doubt in my mind that Russia right now is kind of thrusting, parrying a bit, kind of examining our networks to see where they can attack if they so choose. But, they also understand that there’s a very high cost to them if they do so, and we are going to be prepared to do that.”
- On improving the social contract between critical infrastructure and government agencies: “I think we need to define statutorily in legislation what is a criteria for determining what is a systemically important critical infrastructure. We need to get a bill passed, I have one that does just that…we’re trying to meet in the middle and work something out...once you define it, then let CISA go to work with the private sector once the framework is set to get it done.”
Lauren Zabierek described the impact Russian cyber attacks have had on everyday life in Ukraine, her top concerns within the current threat landscape and how the line between nation state and ransomware attacks is blurring.
- On Russian cyber attacks’ impact on every life for Ukrainian civilians: “I really want to emphasize that maybe we haven’t seen these big, huge catastrophic cyber attacks that maybe people predicted. But, that space in between, what we have been seeing, is still really, really bad. There’s still a lot of impacts on everyday people, and that can be really devastating. The loss of internet, the loss of communications, not being able to access your assets or information, especially in such a dangerous time, is very bad for civilians.”
- On defining a cyber attack as an act of war: “This determination of whether it is an act of war in cyberspace, that’s a very political determination, the head of a nation [or] our president has to make that determination. But, even if that determination was made or not, it’s still if you are impacting essential services, if you’re impacting public safety, that is very bad for Americans and we need to make it less bad.”
In the View from the Top segment, Google Centers of Excellence director of data governance, government affairs and public policy Kate Charlet shared her advice for governments, organizations and companies who want to prioritize their cybersecurity.
- “We’re in a moment where all governments and businesses have a chance to reshape their thinking. Sometimes there’s this temptation to get distracted by shiny objects. I've long been a believer in focusing on fundamentals. We’ve got to have a defensible architecture…you’ve got to break away from undependable legacy systems and practices, and focusing on fundamentals like this is the best chance to get out of this cycle of vulnerability patch, vulnerability patch. But obviously that takes focus and investment from government and the private sector.”
Thank you Google for sponsoring this event.