{"id":1708,"date":"2023-09-13T20:54:34","date_gmt":"2023-09-13T20:54:34","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=77023"},"modified":"2023-09-13T20:54:34","modified_gmt":"2023-09-13T20:54:34","slug":"cisa-advisory-committee-urges-action-on-cyber-alerts-and-corporate-boards","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2023\/09\/13\/cisa-advisory-committee-urges-action-on-cyber-alerts-and-corporate-boards\/","title":{"rendered":"CISA advisory committee urges action on cyber alerts and corporate boards"},"content":{"rendered":"<p><head> <meta charset=\"UTF-8\"> <meta name=\"viewport\" content=\"width=device-width, initial-scale=1\"> <meta name=\"robots\" content=\"index, follow, max-image-preview:large, max-snippet:-1, max-video-preview:-1\"> <!-- This site is optimized with the Yoast SEO Premium plugin v20.5 (Yoast SEO v20.5) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ --> <title>CISA advisory committee urges action on cyber alerts and corporate boards | CyberScoop<\/title> <meta name=\"description\" content=\"The advisory committee delivered a lengthy list of recommendations to CISA Director Jen Easterly on Wednesday.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/cisa-advisory-committee-recommendations\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"CISA advisory committee urges action on cyber alerts and corporate boards\"> <meta property=\"og:description\" content=\"The advisory committee delivered a lengthy list of recommendations to CISA Director Jen Easterly on Wednesday.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/cisa-advisory-committee-recommendations\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:published_time\" content=\"2023-09-13T20:54:34+00:00\"> <meta property=\"article:modified_time\" content=\"2023-09-13T20:55:39+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/cisa-advisory-committee-urges-action-on-cyber-alerts-and-corporate-boards-1.jpg\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1280\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Christian Vasquez\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@chrismvasq\"> <!-- \/ Yoast SEO Premium plugin. --> <link rel=\"dns-prefetch\" href=\"\/\/cdn.parsely.com\">\n<link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb CISA advisory committee urges action on cyber alerts and corporate boards Comments Feed\" href=\"https:\/\/cyberscoop.com\/cisa-advisory-committee-recommendations\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-0\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1693959706g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-4\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress-next\/dist\/css\/related-posts-block-styles.min.css?m=1693499496g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1693525727g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=7af46db108fbc62fdcc9\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/77023\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.3.1\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=77023\">\n<link rel=\"alternate\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fcisa-advisory-committee-recommendations%2F\">\n<link rel=\"alternate\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fcisa-advisory-committee-recommendations%2F&amp;format=xml\"> <!-- Google Tag Manager --> <!-- End Google Tag Manager --> <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-77023 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/cisa-advisory-committee-recommendations\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"24.407894736842\">\n<div class=\"single-article__header-content\" readability=\"29.208510638298\">\n<ul class=\"single-article__eyebrow\">\n<li class=\"single-article__category\"> <a class=\"single-article__category-link\" href=\"https:\/\/cyberscoop.com\/news\/government\/\"> <span>Government<\/span> <\/a> <\/li>\n<\/ul>\n<p> The advisory committee delivered a lengthy list of recommendations to CISA Director Jen Easterly on Wednesday. <\/p>\n<\/p><\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"426\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/cisa-advisory-committee-urges-action-on-cyber-alerts-and-corporate-boards.jpg?resize=640%2C426&#038;ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/cisa-advisory-committee-urges-action-on-cyber-alerts-and-corporate-boards-1.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/cisa-advisory-committee-urges-action-on-cyber-alerts-and-corporate-boards-1.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/cisa-advisory-committee-urges-action-on-cyber-alerts-and-corporate-boards-1.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/cisa-advisory-committee-urges-action-on-cyber-alerts-and-corporate-boards-1.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/cisa-advisory-committee-urges-action-on-cyber-alerts-and-corporate-boards-1.jpg?resize=1536,1024 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/cisa-advisory-committee-urges-action-on-cyber-alerts-and-corporate-boards-1.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/cisa-advisory-committee-urges-action-on-cyber-alerts-and-corporate-boards-1.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/cisa-advisory-committee-urges-action-on-cyber-alerts-and-corporate-boards-1.jpg?resize=506,337 506w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/cisa-advisory-committee-urges-action-on-cyber-alerts-and-corporate-boards-1.jpg?resize=1013,675 1013w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/09\/cisa-advisory-committee-urges-action-on-cyber-alerts-and-corporate-boards-1.jpg?resize=1265,843 1265w\" sizes=\"(max-width: 1013px) 100vw, 1013px\"><figcaption> CISA Director Jen Easterly speaks at the CrowdStrike Government Summit on April 11, 2023. (Pixelme Studio) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"30.838854576081\"><body readability=\"64.646623222749\"><\/p>\n<p>An advisory committee to the Cybersecurity and Infrastructure Security Agency delivered a long list of recommendations on Wednesday that encourage the agency to take measures to increase the cybersecurity expertise on corporate boards of directors, develop a national cybersecurity alert mechanism and better protect high-risk communities from surveillance. <\/p>\n<p>These policy measures were just a few of more than 100 recommendations made to CISA Director Jen Easterly, who called the findings \u201ctransformative.\u201d<\/p>\n<p>The <a href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/09\/CSAC_September-Quarterly-Meeting_Draft-Recommendations_20230913.pdf\">recommendations of CISA\u2019s Cybersecurity Advisory Committee<\/a> will need to be made into policy by Easterly, but in the past she has <a href=\"https:\/\/cyberscoop.com\/cisa-2023-priorities\/\">mostly embraced the recommendations of the committee<\/a>, which is made up of former top ranking officials, executives and lawmakers, such as former National Cyber Director Chris Inglis, former Rep. Jim Langevin and Southern Company CEO Tom Fanning, who chairs the panel. <\/p>\n<p>Wednesday\u2019s report includes recommendations from six subcommittees that cover corporate cyber responsibility, cyber hygiene, the creation of a national cybersecurity alert system, reducing systemic risk to critical infrastructure, protecting high-risk communities and <a href=\"https:\/\/cyberscoop.com\/national-cyber-workforce-and-education-strategy\/\">the cybersecurity workforce<\/a>.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>The subcommittee on corporate cyber responsibility recommended that corporate board members be educated and trained on cybersecurity issues, especially with <a href=\"https:\/\/cyberscoop.com\/sec-cybersecurity-breach-disclosure\/\">new rules from the Securities and Exchange Commission<\/a> coming into effect requiring publicly traded companies to report significant breaches of their computer systems and data. The subcommittee also encouraged CISA to explore performance goals to measure what would amount to a \u201ccyber responsible\u201d board.<\/p>\n<p>\u201cWe haven\u2019t come a long way in adding expertise to the board,\u201d said Dave DeWalt, founder and CEO of investment firm NightDragon.<\/p>\n<p>Another recommendation calls for a national cybersecurity alert system to be administered by CISA. While there are multiple avenues of information flows like advisories, bulletins and so on, \u201cthey\u2019re not authoritative; they\u2019re not coherent,\u201d Inglis said.<\/p>\n<p>\u201cThese have to be actionable alerts,\u201d Inglis said.<\/p>\n<p>The technical advisory council subcommittee, led by <a href=\"https:\/\/cyberscoop.com\/feds-hackers-def-con-black-hat\/\">Black Hat and DEF CON<\/a> founder Jeff Moss delivered more than two dozen recommendations detailing how CISA can better protect high-risk communities, such as non-government organizations, activist, and journalists that may be under threat of surveillance and hacking. The subcommittee recommended that CISA provide high-risk communities better guidance and access to tools to protect themselves.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>The cyber workforce committee recommended CISA develop benchmarks and metrics to track progress in growing the cybersecurity workforce, create programs to address burnout and create upskilling and cross-training programs to help workers. <\/p>\n<p>The building resilience and reducing systemic risk to critical infrastructure subcommittee cautioned that the forthcoming rewrite of Presidential Policy Directive 21 \u2014 the document declaring which sectors are considered critical infrastructure and which agencies oversee those sectors \u2014 needs to be aligned with CISA\u2019s determinations of so-called systemically important entities. The subcommittee added that CISA should also clearly define its role as a national coordinator and update the national cyber incident response plan.<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\">\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p> <!-- .popular-stories__stories --> <\/div>\n<p><!-- .popular-stories__inner -->\n<\/div>\n<p><!-- .popular-stories --> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p> <!-- Start of HubSpot Embed Code --> <!-- End of HubSpot Embed Code --> <\/body> <a href=\"https:\/\/cyberscoop.com\/cisa-advisory-committee-recommendations\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>CISA advisory committee urges action on cyber alerts and corporate<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[934,413,452,293,117,722,439,935,506],"tags":[936,415,454,299,119,723,443,937,507],"class_list":["post-1708","post","type-post","status-publish","format-standard","hentry","category-chris-inglis","category-critical-infrastructure","category-cybersecurity-and-infrastructure-security-agency-cisa","category-department-of-homeland-security-dhs","category-government","category-jen-easterly","category-policy","category-rep-jim-langevin","category-workforce","tag-chris-inglis","tag-critical-infrastructure","tag-cybersecurity-and-infrastructure-security-agency-cisa","tag-department-of-homeland-security-dhs","tag-government","tag-jen-easterly","tag-policy","tag-rep-jim-langevin","tag-workforce"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/chris-inglis\/\" rel=\"category tag\">Chris Inglis<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/critical-infrastructure\/\" rel=\"category tag\">critical infrastructure<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity-and-infrastructure-security-agency-cisa\/\" rel=\"category tag\">Cybersecurity and Infrastructure Security Agency (CISA)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/department-of-homeland-security-dhs\/\" rel=\"category tag\">Department of Homeland Security (DHS)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/government\/\" rel=\"category tag\">Government<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/jen-easterly\/\" rel=\"category tag\">Jen Easterly<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/policy\/\" rel=\"category tag\">Policy<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/rep-jim-langevin\/\" rel=\"category tag\">Rep. Jim Langevin<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/workforce\/\" rel=\"category tag\">workforce<\/a>","tag_info":"workforce","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/1708","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=1708"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/1708\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=1708"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=1708"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=1708"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}