Governance, Risk and Compliance, Security Strategy, Plan, Budget, Critical Infrastructure Security, Black Hat

CISA head Easterly emphasizes the personal to foster community’s trust

Share
Jen Easterly speaks during her June 10, 2021, Senate confirmation hearing to head Homeland Security’s Cybersecurity and Infrastructure Security Agency in Washington. (Kevin Dietsch/Getty Images)

Newly sworn-in head of the Cybersecurity and Infrastructure Security Agency Jen Easterly focused on ensuring community trust with the agency at her remotely delivered Black Hat keynote Thursday by trying to bolster trust with her as a person.

"I think the foundation for any ability to affect collaboration is building that trust," she said, answering a question from Black Hat founder Jeff Moss at the end of her talk, "And frankly Jeff, that's why I took a little bit of time in the front end so that people understand more about me because I think it's hard to judge somebody that you don't know."

Easterly traced her background, from her childhood fascinated with Rubik's Cubes, through military and intelligence service and her role in the private sector — including her roles helping setting up U.S. Cyber Command and as an Obama adviser for counterterrorism.

She did so wearing jeans emblazoned with a dragon pattern and a "Free Britney" T-shirt, partially concealed by a black zip-up sweatshirt.

The talk circled around the themes of imagination, both in the contexts of innovation and the failures of imagination during 9/11.

Easterly takes over a CISA that ended the Trump administration in turbulence. During the waning days of the Trump presidency, the well-esteemed director of CISA Chris Krebs — to that point, the only director that CISA had ever had — was fired by the president over his failure to back election conspiracy theories. Krebs had built up CISA's profile as an agency of partnerships with the private sector and state and local governments; his firing had threatened to diminish some of that good-will.

During her talk, Easterly presented herself as a continuation of Krebs' work seeking opportunities to continue the agency's growth and maturation.

"I think the world of Chris," she said, later adding, "I think there's the founder, right, and then there's the next CEO that comes in, and transforms continues, formation of the organization."

The later section of her speech made the case for researchers and enterprises to partner with CISA. She described CISA's recent cybersecurity work on a number of fronts, crediting several outside researchers by name and affiliation, explained the resources CISA could bring to enterprises pre- and post-breach, and encouraged anyone listening to apply for a job with the agency.

The Easterly talk came soon after her agency's announcement of the Joint Cyber Defense Collaborative, a public/private partnership to bolster resiliency and game plan threats. She celebrated the announcement during her talk by dubbing in a guitar riff, shifting to a slide of an AC/DC-stylized logo (complete with digitally rendered concert pyrotechnics), and doing a dance she identified as the Elaine dance from "Seinfeld."

Throughout the talk, she maintained an optimistic tone.

"Throughout a career in cybersecurity and counterterrorism, I always get the same question: 'Jen, what keeps you up at night?' But I prefer to reframe that question: It's not what keeps me up at night, it's what wakes me up in the morning — and that is the opportunity to work in a fantastic agency with incredibly talented teammates on one of the most important missions to our national security, and the opportunity to solve some of our most complicated, important puzzles," she said.

Joe Uchill

Joe is a senior reporter at SC Weekly, focused on policy issues. He previously covered cybersecurity for Axios, The Hill and the Christian Science Monitor’s short-lived Passcode website.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.