Cybercriminals have gained an upper hand, according to former CISA chief Krebs, as the US struggles in the cybersecurity field.

Cybercriminals have gained an upper hand, according to former CISA chief Krebs, as the US struggles in the cybersecurity field.

In a keynote address at the Black Hat USA conference in Las Vegas, Chris Krebs, a founding partner at Krebs Stamos Group, highlighted the urgent need for a comprehensive overhaul of the U.S. government's approach to cybersecurity.

Krebs, the former founding director of the Cybersecurity and Infrastructure Security Agency (CISA), emphasised that the digital environment has evolved significantly over the past 25 years, while the U.S. government has not kept pace. He stated that the current state of cybersecurity in the U.S. is unsatisfactory, with American citizens suffering as a result.

Krebs pointed out that minor adjustments are not sufficient to address the current situation. He suggested a massive government reorganization, including the creation of a digital agency focused on enhancing digital risk management across cyber, privacy, trust, and safety.

One of the key proposals was the separation of CISA from the Department of Homeland Security and its establishment as a sub-cabinet agency. This move, according to Krebs, would provide CISA with the necessary autonomy and resources to effectively address the evolving cyber threats.

Ransomware has become a prevalent and costly threat, distracting the national security community. Intelligence officials have broadened their view of threat actors to include cybercriminals. These actors exploit points of weakness in dependencies and trust connections between organisations, software, and technology platforms.

Krebs also advocated for a clear, visible front door for cybersecurity issues, with CISA as the primary agency. He emphasised the importance of collaboration between the government and organisations, but noted that the U.S. government's reluctance to regulate has hindered progress, making it challenging for organisations to engage with the government or determine which agency to approach.

Krebs further suggested that the focus on advanced persistent threats (APTs) and nation-state threats has been overemphasised, while cybercriminals have been successful in their attacks, proving they were the primary threat model all along. He urged that any product being shipped or hosted is a potential target for cyber threats, and the threat landscape and adversaries continue to expand.

In conclusion, Krebs called for a radical shift in the U.S. government's approach to cybersecurity, emphasising the need for a comprehensive government agency overhaul or the separation of CISA to effectively address the evolving cyber threats and protect American citizens.

Read also:

• Oxidative Stress in Sperm Abnormalities: Impact of Reactive Oxygen Species (ROS) on Sperm Harm
• Is it possible to receive the hepatitis B vaccine more than once?
• Transgender Individuals and Menopause: A Question of Occurrence?
• Genetically manipulated rabbits sprout ominous black horns on their heads