OFFICIALS LEGISLATION INTEREST GROUPS PUBLIC STATEMENTS COMMITTEES VETOES

Katko Opening Statement in Russian Cyber Threats Hearing

Hearing

Date: April 5, 2022
Location: Washington, DC
Issues: National Security

Rep. John Katko (R-NY), Ranking Member of the House Committee on Homelan Security, delivered the following opening statement in a full committee hearing entitled, "Mobilizing our Cyber Defenses: Securing Critical Infrastructure Against Russian Cyber Threats."

Ranking Member Katko's Opening Statement (as prepared for delivery)

Thank you, Chairman Thompson, for hosting this hearing. And thank you to our witnesses for being here today.

Each of you play an extremely important role in the increasingly interconnected web of services that constitutes our nation's cybersecurity and critical infrastructure.

In fact, all of us here play an important role in this ecosystem.

We each have a job to do, and as we have repeatedly seen, one misstep can have disastrous consequences for the nation's infrastructure and the communities we represent.

There has never been a more important time for our businesses, our state and local governments, and our federal government to be prepared not just to defend against cyberattacks -- but to be resilient should an attack occur.

As the Biden administration recently said, there is "evolving intelligence that the Russian Government is exploring options for potential cyberattacks."

I don't need to tell anyone here today what that might mean for our constituents, or in the case of our panel, your customers and clients.

Looking at some of the particularly tangible attacks over the past year, we can see that the motives have been either financial gain or intelligence-gathering, NOT pure destruction.

But what if the goal was pure destruction?

What if destructive attacks happened on critical infrastructure simultaneously?

We saw this in 2017 with the NotPetya attack, which was a purely destructive campaign originally aimed at Ukrainian networks by Russian attackers, but quickly spun out of control and ultimately caused over $10 billion in damages globally.

It impacted global shipping for weeks and wreaked havoc for companies around the world.

There is so much this body should be doing to prepare for this type of threat, and thankfully, we have recently taken significant steps to make our country safer.

Just two weeks ago, the Cyber Incident Reporting for Critical Infrastructure Act was signed into law as part of the Omnibus Appropriations bill for Fiscal Year 2022.

This is one of the most important pieces of cybersecurity legislation in the past decade.

Enhanced reporting to the Cybersecurity and Infrastructure Security Agency, CISA, of significant cyber incidents and ransomware attacks on critical infrastructure will mean greater visibility for the federal government, earlier disruption of malicious cyber campaigns, and better information and threat intelligence going back out to the private sector so it can defend against future attacks.

This legislation also solidifies CISA's roles as the lead federal agency for cybersecurity.

I want to thank my colleagues in both the House and Senate, as well as the private sector, for their partnership and support in getting this across the finish line.

The success of these tools is dependent on the success of the agencies we entrust them to, and fortunately, we have the extremely-capable CISA Director, Jen Easterly, and National Cyber Director, Chris Inglis, at the helm of our nation's cyber defense efforts.
They have been working tirelessly to keep us safe, and I thank them for their work.

However, their impact only extends as far as their mandate.

It is up to all of us, especially those of you here today, as industry leaders, to keep your companies, clients, and customers -- our constituents -- secure and resilient.

I look forward to hearing from you all about your partnerships with CISA, what more you need from the federal government, and the actions you're taking to secure our critical infrastructure.


Source
arrow_upward