CISO and CISA Report to Congress on Cyber EO Progress

Sherry V Smith | Shutterstock

At a hearing of the House Homeland Security committee’s Cybersecurity, Infrastructure Protection and Innovation subcommittee, federal cyber leaders reported that agencies have made substantial improvements to the security of their systems and private critical infrastructure since President Biden issued his executive order on the topic a year ago. Federal CISO Chris DeRusha and Eric Goldstein of CISA each cited advances in multifactor authentication and encryption. However, members of the committee challenged them on the fact that MFA implementation – ordered to be in place by November 2021 – is fully deployed by only 13 agencies out of dozens, and endpoint detection and response capabilities were deployed at only 15. DeRusha and Goldstein outlined projections to increase those numbers and other technology deployments substantially in the coming year and next year.