John Felker, who last month was named assistant director of the Cybersecurity and Infrastructure Security Agency’s (CISA) Integrated Operations Division (IOD), on Thursday discussed IOD’s plans to integrate operations of CISA’s three primary component organizations in order to produce better cyber threat data intelligence that will include inputs from Continuous Diagnostics and Mitigation (CDM) programs implemented by Federal agencies.
Speaking at MeriTalk’s Cyber Security Brainstorm, Felker said CISA’s formal creation in late 2018 was a “really good thing.” But, he added, “now the hard work really begins on organizing [CISA] – organizing for effectiveness.”
Felker, who headed DHS’s National Cybersecurity and Communications Integration Center (NCCIC) from 2015 until his appointment to IOD in July, said the mission of his new organization is to “make sure we do things in an integrated way.”
CISA’s major components are its Cybersecurity Division, Emergency Communications Division, and Infrastructure Security Division. Felker said IOD will aim to integrate the work of those organizations “over time” in order to improve CISA’s ability to share threat data with organizations of all kinds and varying levels of security sophistication.
“That’s where we want to go,” he said. “We are still evolving that process,” Felker said, adding “it’s working pretty well.”
“We want to wrap some of that CDM data” into the “threat products” that CISA generates, Felker said. He didn’t offer specifics on what kind of CDM-generated data might be the most valuable, but he did speak favorably about the potential of the DHS-level CDM dashboard to reveal “what is occurring,” and to point to “what we should be looking at next.”
Felker also offered assurances about the purpose of CDM for agencies, saying that its function “is not to put you on the spot, it’s to make you better.”
And of the larger integration effort that informs IOD’s mission, he said, “All of these things coming together is going to be a very good exercise for us.”
Elsewhere in his remarks, Felker said that artificial intelligence (AI) technologies show “tremendous promise” as a tool that can help CISA sift through cyber threat data. But he added, “we need to think through the ethics of [AI] design” in order to watch for biases that can end up being baked into algorithms.
And regardless of the role that AI may take in the future, “there will always be the need for human decision-making,” Felker added.