Jen Easterly
Image: Jen Easterly at AvengerCon 2021

CISA to focus on hospital, school, and water cybersecurity over the next year

The Cybersecurity and Infrastructure Security Agency over the next year will focus its efforts on improving the digital defenses of three critical infrastructure sectors, the organization's chief said Thursday. 

The Homeland Security Department cyber wing will train its attention on three critical infrastructure sectors full of "target-rich, resource-poor" entities, namely water, hospitals, and K-12 schools, CISA Director Jen Easterly said at Mandiant’s mWISE conference in Washington, DC.

Her comments came a week after a senior Biden administration official said the White House would work with entities in communications, water and healthcare to strengthen the cybersecurity of those sectors.

Easterly specifically cited the recent ransomware attack on the Los Angeles Unified School District, calling it a “case study” for cyber incident reporting because the victim reached out to the FBI and CISA for assistance.

“We were working with them very early on and they were very transparent… They did a press conference, they said, 'This is what we know. And this is what we're going to do about it and we're going to keep you informed.' That transparency really raises the bar and raises all boats,” according to Easterly.

“When you understand what the threat is you can prepare yourself,” she added. “It's like in a neighborhood. You'd want to know if your neighbor got robbed because you're gonna put your shields up. You're going to be on guard and have that level of vigilance. That's really where the country needs to be.”

Easterly also said CISA plans to publish the final version of its cross-sector cybersecurity performance goals next week. The metrics were originally due in July under a national security memorandum issued last year that addressed cybersecurity for industrial control systems utilized in critical infrastructure.

"For the first time I think we're going to be able to materially measure the reduction of risk across the most critical areas,” Easterly said.

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles

Martin Matishak

Martin Matishak

is the senior cybersecurity reporter for The Record. Prior to joining Recorded Future News in 2021, he spent more than five years at Politico, where he covered digital and national security developments across Capitol Hill, the Pentagon and the U.S. intelligence community. He previously was a reporter at The Hill, National Journal Group and Inside Washington Publishers.