As public and private sector organizations face a heightened threat landscape amid the COVID-19 pandemic, Richard Driggers, deputy assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA), explained how agency efforts have scaled to meet governmentwide cyber needs.
According to Driggers, agencies saw an uptick of potential malicious activity on their networks, but CISA surged its detection and mitigation efforts to combat threats.
“Through our Continuous Diagnostics and Mitigation program, my agency surged resources to the Department of Health and Human Services (HHS) as well as the Small Business Administration to help identify where an acceleration of CDM capabilities would help the agencies defend against an increase in threats as well as to strengthen network protections to reinforce the security of the agency’s important mission at work,” he said at the June 25 Cybersecurity Transformation Summit 2020.
Through shared threat mitigation services with the help of CISA, HHS the accelerated the removal of over 7,000 fraudulent domains, per Driggers.
“This is really the first time that we have taken a program like the Continuous Diagnostics and Mitigation program and surged capabilities because of threat activity happening on a particular department or agency’s network system.”
CISA has also been working alongside other security agencies to further its cybersecurity efforts during the pandemic. For example, Driggers shared that CISA worked with the Federal Bureau of Investigation to alert entities to critical vulnerabilities.
“We work hand-in-hand with organizations and we offer a number of voluntary services and products, including cybersecurity risk management and resilience services and tools,” Driggers said. “We also provide technical assistance, upon request, and we can also expand our information sharing capabilities to improve situational awareness.”
In the last several months of the pandemic, Driggers said that CISA has released 32 COVID-related cyber guides to help public and private sector organizations stay secure in the new environment.