Constant Vigilance Demanded - Cyber 'Not Just Another Risk'Nitin Natarajan, Deputy Director, CISA, Discusses EO, Challenges and Resilience
The Biden executive order on cybersecurity was a catalyst for action, with tight delivery times for steps including promotion of software bills of materials - SBOMs - and zero trust. The cyber-physical nexus and expanding threat surface mean it’s not easy to maintain vigilance, but recognizing that is the first step, says Nitin Natarajan, deputy director, CISA.
"How are we making sure that the CEOS and the board understand the risks that they are accepting within the organization? If we identify it and do not mitigate it, we’ve accepted it," he says.
Of the EO, Natarajan says: "The thing that really surprised me was the aggressive way in which the entire federal government was getting behind these requirements and deliverables, to move quickly. We actually had our first deliverables in just weeks - a very challenging time frame."
In a video interview with Information Security Media Group prior to keynoting at InfoSecurity Europe 2022 in London, Natarajan discusses:
- The Biden executive order on cybersecurity and its impact;
- The changing threat landscape;
- The need for ongoing vigilance to maintain resilience.
Natarajan previously was director of Avantus Federal, a board member at Disaster Tec, and principal at The Cadmus Group. He also served as deputy assistant administrator of the U.S. Environmental Protection Agency.