As part of our “dot your expert comments” series, cybersecurity experts reacted below on the removal of Chris Krebs as Director of CISA. A Change.org open letter thanking Christopher Krebs for his service is at: https://www.change.org/chriskrebs.
Translation: The recent statement by Chris Krebs was highly accurate, in that there were no improprieties or fraud, confirmed by all credible 2020 Election officials sworn under oath to be truthful. Therefore, he has been terminated for refusing to lie for me, your #LiarInChief. pic.twitter.com/OmJGS15agK
— Mark Hamill (@MarkHamill) November 18, 2020
Security culture and maintaining security consciousness with your entire organization and/or end-users is critical not just for identifying and responding to security threats but following security processes. Access control processes of provisioning and de-provisioning are great examples that need conscious focus and attention to ensure only those that have a business requirement for access have access and their access is approved, reviewed and monitored per the access control principles of authentication, authorization and assurance principles.
User authentication and credentials have become the new enterprise security perimeter, and with many working remotely and accessing cloud services, they have become a lucrative target for attacks. Pass-the-Cookie attacks require a successful breach of the end user’s workstation, and whether they are a personal device or an organization’s, assets have become a headache to secure for CISOs. They are challenged to enforce patching on these workstations and detection systems are blindsided with partial visibility leaving them extremely vulnerable. Adding to the mix are well crafted Spear Phishing attacks that introduce malware or steal credentials through social engineering. To prevent these attacks companies need to increase security awareness to phishing attempts, employees should log out from cloud services when they are not using them and the services should be set to automatically kill sessions that are inactive, even for short periods of time. Becoming aware of your security posture is critical to discover and fix the weaknesses they find.
The dismissal of Christopher Krebs as Director of the Cybersecurity and Infrastructure Security Agency is political, surreal, and disheartening.
We in the cybersecurity community are deeply committed to identifying and preventing or blocking all threats to the best of our ability, including misinformation and disinformation. Chris Krebs and the CISA team have done a singularly brilliant job, and done it transparently, under what has been one of the most divisive and fraught election cycles in our Country’s history.
CISA’s role was to be the organization that works closely with all stakeholders – industry, public sector and the American people – and to help keep the US ahead of cybersecurity threats, both those in the form of attacks and of misinformation campaigns. Chris and the team have done a brilliant job in protecting this Country, and fully realized that their jobs were at potential risk for doing so.
Many in the cybersecurity community are deeply disappointed and more than a bit nervous.