Less than a month after Bryan Ware joined the Cybersecurity and Infrastructure Security Agency, the White House declared the worldwide COVID-19 outbreak — still in its early phases in the U.S. — a national emergency on Jan. 31 The new assistant director for cybersecurity soon found his agency handling more than just the usual nation-state threats and the expected election security issues as many of the nation’s workers and students took their jobs home with them.
Even CISA employees were performing their duties remotely. As the nation’s endpoints expanded, so did CISA’s work. From his home, Ware discussed the agency’s role during this unusual year with FedTech.
FEDTECH: How did cybersecurity concerns evolve as mass telework became the norm?
Ware: There’s a statistic that says 60 percent of Americans that are working are teleworking. When you move all of these functions to the telework environment, it creates new risks, and those things have made us very busy. We’re leveraging new technologies that have inherent vulnerabilities; agencies are rushing to deploy new cloud services, so there’s misconfigurations that present vulnerabilities. Our adversaries seemingly haven’t had degraded performance with this pandemic, and they’ve refocused their efforts on our teleworking infrastructure. That’s a new vector for them, so there are some things that we didn’t have to pay as much attention to before that are now really, really...