Portman kicks things off by reading from DHS IG report about Mayorkas' alleged EB-5 favoritism during the Obama admin. He says it's important that Mayorkas have a chance to respond.
“I believe this hearing is about ensuring strong, effective, and ethical leadership" of DHS.
Peters to Mayorkas: “Once confirmed, you will have a daunting job before you. … There’s no question we need strong and we need stable leadership in the Department of Homeland Security more than ever.”
Sorry, I should say: Peters is Sen. Gary Peters (D-Mich.), who will soon officially become the new chairman of HSGAC. Portman is Sen. Rob Portman (R-Ohio), who will be the ranking member. He takes over that role from Sen. Ron Johnson (R-Wisc.).
Mayorkas, in his opening statement, cites "cyberattacks that undermine our security and the integrity of our information systems" among the threats that DHS must confront.
As I predicted in today's @MorningCybersec, Mayorkas hammers home need for partnerships in cyber.
Says DHS is "fundamentally a department of partnerships.”
“To enhance our cybersecurity, the department depends upon and must strengthen our cooperation with the private sector.”
Cyber partnerships were a key priority for Mayorkas when he was DHS's deputy secretary. He worried that companies weren't sharing enough cyber threat information with the government and looked for ways to incentivize them.
First cyber question, from Sen. Kyrsten Sinema (D-Ariz.): Will you work with us to enhance cybersecurity education to help defend against ransomware?
Mayorkas: Yes.
Romney: “We are woefully unprepared from a cybersecurity standpoint in this nation and in our government, and [I] hope that … you will focus on bringing a whole different level of expertise..." (1/2)
(2/2) "...both in defensive actions with regards to cybersecurity and offensive actions, and protect our government and our economy from those who would attack us in this new, most powerful way."
Mayorkas: “I was incredibly proud to be the deputy to Secretary Johnson,” who “prioritized a very evolving cybersecurity threat, and we made tremendous advances in the department under his ultimate leadership." (1/2)
(2/2) "The threat has only evolved and only grown since then, and I can assure you that the cybersecurity of our nation will be one of our highest priorities. … The threat is real, and the threat is everyday, and we have to do a much better job than we are doing now."
Sen. Maggie Hassan (D-N.H.): Any thoughts on whether CISA's EINSTEIN and CDM programs need changes since they failed to spot SolarWinds?
Mayorkas says that if confirmed, he will study U.S. intelligence on SolarWinds and examine whether to change EINSTEIN/CDM or add new programs.
Mayorkas' full answer: "I look forward to studying the SolarWinds attack. Of course, I’ve been studying it intensely as a private citizen. Should I have the privilege of serving as the secretary, I will avail myself of the best and latest intelligence..." (1/?)
"...that the United States has with respect to this attack and conducting a thorough review of EINSTEIN and Continuous Diagnostics and Mitigation to understand whether EINSTEIN and CDM … are appropriately designed and appropriately and effectively executed..." (2/?)
(3/3) "to stop a threat such as SolarWinds, and if not, what other defenses need we develop in the federal government to best protect our very valuable equities and resources?"
If I understand correctly, Mayorkas hasn't been in any of the Biden transition team briefings on SW.
Hassan also asked if Mayorkas supported a state and local govt cyber grant program, which she has proposed.
Mayorkas signals support and says "I look forward to working on it with you."
M: In cyber, "we often say that we are only as strong as our weakest link, & we have to recognize that there are local communities that don’t have the financial or other wherewithal to really safeguard their cyber assets & best protect against the threats that they confront.”
Sorry, corrected Mayorkas quote to Hassan about her grant program idea: "I look forward to considering a grant proposal and working with you in that regard."
Portman: CISA “has been stretched too thin," missed SW. What should CISA do going forward?
Mayorkas: CISA "must improve" govt cyber hygiene & improve public-private partnerships. Need a whole-of-govt approach & "there's great amount that will rest on the shoulders of CISA."
Portman: Are you committed to also strengthening DHS’s internal cybersecurity, as FISMA audits show is needed?
Mayorkas: “Absolutely, Mr. Chairman. We need to lead by example.”
Mayorkas' full answer on CISA.
Mayorkas' confirmation hearing has ended.
• • •
Missing some Tweet in this thread? You can try to
force a refresh
.@PressSec just started her first White House press briefing.
"Rebuilding trust with the American people will be central to our focus in the press office and in the White House every single day."
@PressSec Psaki to reporters: "We have a common goal, which is sharing accurate information with the American people."
Psaki on SolarWinds: "We reserve the right to respond at a time and in a manner of our choosing to any cyberattack. But our team is...just getting on the ground today, just getting onto their computers, so I don't have anything...to preview for you at this point in time."
Laughter and then cheers as Vice President Harris announces that California has submitted a certificate appointing Alex Padilla to fill the Senate vacancy created by the resignation of "Kamala D. Harris."
▪️ Requires US cloud ("infrastructure as a service") firms to keep records on foreign customers
▪️ Lets Commerce block IaaS firms from serving (1) ppl from countries w/ lots of cloud-enabled cyberattacks; (2) known hackers; (3) ppl who resell accounts to hackers
National Security Adviser O'Brien statement: "Malign actor abuse of United States IaaS products has played a role in every cyber incident during the last four years, including the actions resulting in the penetrations of United States firms FireEye and Solar Winds."
Some critics wanted bureau in political-affairs wing, not arms-control wing, to avoid militarizing policymaking.
Billingslea called that "completely unfounded" & said "P" wing is "focused on the regional bureaus" & cyber would become "subservient" to "broader" bilateral issues.
In the arms control or “T” wing, Billingslea told me, it will be easier for the cyber bureau to do foreign capacity building work.
“This puts them alongside the part of the Department of State that makes those security assistance decisions," he said.
Luke Mogelson's dispatch from inside the Capitol attack and the rallies that preceded it newyorker.com/magazine/2021/… is full of incredibly disturbing anecdotes about America's right-wing white-supremacist terrorist movement.
A few examples. First, their thirst to kill lawmakers.
Pretty much everything these people say makes it clear that they hate democracy, but some of it is much, much more explicit than the rest.
One section of the story documents how roving bands of MAGA fans terrorized D.C. residents after a rally. There's really no better word for this than "terror." Just a barbaric craving to brutalize people of color. Big KKK energy.