Biden DHS, Intel picks stress need to prioritize cybersecurity after SolarWinds hack

Biden DHS, Intel picks stress need to prioritize cybersecurity after SolarWinds hack
© Reuters/Pool

President-elect Joe BidenJoe BidenBiden eyes bigger US role in global vaccination efforts Trump says GOP will take White House in 2024 in prepared speech Kemp: Pulling All-Star game out of Atlanta will hurt business owners of color MORE’s nominees to serve as secretary of the Department of Homeland Security (DHS) and as director of national intelligence (DNI) both said Tuesday that if confirmed they will make a priority out of bolstering the nation’s cybersecurity.

DHS nominee Alejandro MayorkasAlejandro Mayorkas3M files lawsuit against Florida company over fake N95 masks Omar slams Biden admin for continuing 'the construction of Trump's xenophobic and racist wall' Biden review could reveal additional families separated under Trump 'zero tolerance' policy MORE and DNI nominee Avril HainesAvril HainesHillicon Valley: Intel heads to resume threats hearing scrapped under Trump | New small business coalition to urge action on antitrust policy | Amazon backs corporate tax hike to pay for infrastructure Intel heads to resume worldwide threats hearing scrapped under Trump 2024 GOP White House hopefuls lead opposition to Biden Cabinet MORE each pointed to the specific need to secure the federal government against cyber threats following the recently discovered Russian hack of IT group SolarWinds, which compromised many key federal agencies and potentially thousands of businesses.

“I can assure you that the cybersecurity of our nation will be one of my highest priorities because I concur with you that the threat is real and the threat is every day and we have to do a better job than we are doing now,” Mayorkas said during his nomination hearing before the Senate Homeland Security and Governmental Affairs Committee. 


Haines in her testimony before the Senate Intelligence Committee also described the SolarWinds hack as a “major concern,” but noted that she had not yet received a classified briefing on the incident, which is so far confirmed to have compromised agencies including the Commerce, Defense, Justice, Homeland Security and Treasury departments. 

“I think the Department of Homeland Security already indicated publicly that this is a grave risk,” Haines said. “This an area where we obviously have to focus.”

If confirmed, Mayorkas will head a sprawling department that includes the Cybersecurity and Infrastructure Security Agency (CISA), the main federal group responsible for securing the nation’s critical infrastructure, including elections.

CISA has been without most of its top leaders since November, when President TrumpDonald TrumpHarry Reid reacts to Boehner book excerpt: 'We didn't mince words' Man arrested for allegedly threatening to stab undercover Asian officer in NYC Trump says GOP will take White House in 2024 in prepared speech MORE fired former CISA Director Christopher Krebs and three other senior leaders stepped down following pressure from the White House. 

Those moves came after CISA put out a joint statement with other election officials describing the 2020 election as the “most secure in American history,” and after it stood up a “rumor control” webpage to debunk election disinformation and misinformation, much of which came from the president's supporters. 


When asked by Sen. Rob PortmanRobert (Rob) Jones PortmanTo encourage innovation, Congress should pass two bills protecting important R&D tax provision The Hill's Morning Report - Biden assails 'epidemic' of gun violence amid SC, Texas shootings Biden-GOP infrastructure talks off to rocky start MORE (R-Ohio), soon to take over as ranking member of the committee, about CISA’s failure to detect the SolarWinds breach’s impact on federal systems, Mayorkas stressed that he would work, if confirmed, to strengthen the agency. 

“CISA must improve the cyber hygiene of the federal government, the many departments and agencies throughout it, it must strengthen the public-private partnership, not only for the benefit of course of the federal government, but the benefit of the private sector itself,” he testified. 

“I think this is going to require an all-of-government approach, and there is a great amount that will rest on the shoulders of CISA, and I hope I have the privilege to lead the department and support CISA in meeting those obligations,” he added.

Mayorkas also promised to review legislation that would create a grant program to help state and local governments fund cybersecurity improvements, with officials increasingly begging for assistance during the COVID-19 pandemic as hackers took advantage of overstressed and vulnerable systems. 

While Mayorkas’s confirmation may be slowed down due to an objection lodged over an immigration-related issue by Sen. Josh HawleyJoshua (Josh) David HawleyMcConnell in tricky spot with GOP, big biz Pence autobiography coming from Simon & Schuster The Hill's Morning Report - Biden's infrastructure plan triggers definition debate MORE (R-Mo.) on Tuesday afternoon, Politico reported in December that he had been endorsed by almost three dozen top cybersecurity leaders, including former CISA leadership. 


Haines was no less strong on her stance to ensure that cybersecurity-related intelligence issues would be prioritized, and in particular argued in favor of exploring ways to ensure adversaries including Russia would be less tempted to attack the U.S. in cyberspace in the future. 

“I think one of the great challenges that we face in the United States in particular is the asymmetry of the threat in cyber,” Haines testified. “I think it is relatively easy for adversaries to hold at risk what are high value assets to the United States, given how much we rely on cyber to work for our economy, security, for so many different issues, at relatively low risk to them.”

Biden has described the SolarWinds breach as a “grave threat to national security,” and earlier this month gave a speech calling for the modernization of the nation’s defenses to respond to growing threats. He also included more than $10 billion in cyber and information technology funds for the federal government in his $1.9 trillion COVID-19 relief proposal, announced last week. 

Haines voiced support for Biden’s comments last month calling for the U.S. and allied nations to work together to create rules of the road in cyberspace, noting the need for an “imposition of costs” and promising to provide intelligence around attributing cyberattacks if confirmed as DNI.

“I think that working with allies and partners in order to impose costs can actually raise the cost essentially, and therefore help to promote deterrence and pushback,” she testified.