Retired General David Petraeus, former director of the CIA, called for Congress to pass the Cybersecurity and Infrastructure Security Act to elevate the National Protection and Programs Directorate, and suggested the creation of an independent agency to tackle cybersecurity issues during a Washington Post event on Tuesday.
He described the CISA Act as a “good first step,” but noted the possibility of elevating the agency even further if it remained less effective. He suggested that elevation would also help a cybersecurity agency attract talent from Silicon Valley, and help to act as a coordinator among different agencies. “The sharing of threat information is really quite a grab bag,” Petraeus noted.
The issue of cybersecurity coordination also emerged in Petraeus’ comments about the elimination of the White House cybersecurity coordinator program. Both he and fellow panelist Lisa Monaco, former homeland security and counterterrorism adviser to President Obama, agreed that the Trump administration had mostly continued existing cybersecurity policy and praised the increased determination to impose costs on adversaries, but both highlighted the elimination of the position as a key misstep.
Petraeus described how the country has entered the “era of weaponization of everything,” and described his concerns with the growing threats in cyberspace. One threat that particularly concerned him was the possibility of an insurgent group acquiring the capabilities to inflict kinetic damage without the same deterrence options as a nation-state, although he acknowledged it remains a “remote prospect.”
Monaco advocated for Congress to pass the Secure Elections Act to provide more resources to states and local governments, and also called on them to sustain funding to keep security efforts going. She also called on Congress to request reports from the intelligence community 60 to 90 days before elections that highlighted the potential risks and attackers and the efforts in place to thwart them.