CISA experts propose ‘311’ cybersecurity emergency call line for small businesses
Members of the Cybersecurity and Infrastructure Security Agency’s (CISA) Cybersecurity Advisory Committee proposed the creation of an emergency “311” cybersecurity call line for incidents affecting small and medium-sized businesses.
The committee – made up of cybersecurity experts from several leading companies – held its third meeting in Austin, Texas on Wednesday and provided several recommendations to CISA Director Jen Easterly.
The committee was founded in June 2021, held its first meeting in December and is split up into six subcommittees focused on several different issues – including the cyber workforce, information dissemination, cyber hygiene efforts, technical advisories, critical infrastructure and misinformation.
The cyber hygiene subcommittee, led by Apple vice president of corporate information security George Stathakopoulos, suggested CISA "launch a ‘311’ national campaign, to provide an emergency call line and clinics for assistance following cyber incidents for small and medium businesses.”
The measure was also floated by the communications subcommittee, which is led by Tenable board member Niloofar Razi Howe.
Ekram Ahmed, a spokesperson for cybersecurity company Check Point Software, told The Record that the idea for a "311" emergency line is "smart and timely."
"Right now, we’re seeing on average, organizations in the United States are being attacked 868 times per week. The emergency line can make for a faster path towards incident response,” Ahmed said, adding that in June, his company has seen an average of over 27 cyberattacks per small and medium business each week, 72% higher than last year.
The suggestions come as CISA executives and others continue to push for more robust incident reporting. A cyber incident reporting bill was passed and signed into law earlier this year but it only covers critical infrastructure organizations. The organizations have to report breaches to CISA within 72 hours and report ransomware payments within 24 hours.
Two weeks ago, Eric Goldstein, executive assistant director for cybersecurity at CISA, spoke at length about how damaging the lack of data on ransomware attacks in the U.S. is for organizations like his.
“A tiny fraction of ransomware infections are reported to the government and the problem is getting worse because we don’t even know what that actual number is,” Goldstein explained to an audience at the RSA security conference.
“We have no idea the actual denominator of ransomware instructions that are occurring across the country on any given day.”
Chief People Officer position
Each of the subcommittees made a range of other recommendations at the meeting, all of which will be mulled over by Easterly and responded to at the next meeting on September 13.
Experts said CISA should create a new Chief People Officer position in an effort to “dramatically improve its talent acquisition process to be more competitive with the private sector.”
Another subcommittee recommended CISA ensure that companies working with the federal government fully adopt multi-factor authentication by 2025 as a way to promote the practice.
The technical advisory council suggested CISA create incentives and access to information to help security researchers while making the vulnerability reporting process as frustration-free as possible.
“I was thrilled to host CISA’s Cybersecurity Advisory Committee today in Austin to discuss the recommendations from Committee members that will help ensure that CISA is the cyber defense agency that this country truly needs and deserves,” Easterly said in a statement after the meeting.
“I couldn’t be more grateful for the Committee’s partnership and look forward to closely studying their recommendations. With their guidance and the great work of the CISA team, we will help CISA fulfill its mission of ensuring the security and resilience of our critical infrastructure.”
Jonathan Greig
is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.