Senator Hassan Questions Top Cybersecurity Nominees on Information Sharing, Prosecuting Cybercriminals, and Legacy IT Systems

WASHINGTON – U.S Senator Maggie Hassan (D-NH) questioned top cybersecurity nominees that President Biden put forward during a Homeland Security and Governmental Affairs Committee hearing today.

To watch Senator Hassan’s questioning, click here.

Senator Hassan first questioned Chris Inglis, nominee to be National Cyber Director, about information sharing between the private and public sector.

“It’s clear that we have to work together to strengthen public-private cybersecurity information sharing, especially in light of the recent SolarWinds, Microsoft Exchange, and Colonial Pipeline attacks,” said Senator Hassan. “In your view, what are the biggest barriers inhibiting effective cybersecurity information sharing – in both directions – between the private and public sector?”

Mr. Inglis emphasized the need to share not just information, but also perspective and insights so that public and private entities can form stronger relationships and in turn, strengthen cybersecurity.

Senator Hassan also questioned Jen Easterly, Nominee to be Director of the Cybersecurity and Infrastructure Security Agency (CISA), on prosecuting cybercriminals.

“The federal government only successfully prosecutes a small fraction of cybercriminals each year,” said Senator Hassan. “If confirmed, how would CISA work with law enforcement agencies such as the FBI to increase costs and deterrents for cybercriminals?”

Ms. Easterly responded that CISA supports agencies such as the FBI in their cyber investigations by ensuring that they have guidance to better prevent cyberattacks, including through the basics of cyber hygiene such as password protection and multi-factor authentication.

Senator Hassan also focused on the importance of upgrading legacy IT systems when she questioned Robin Carnahan, the nominee to lead the General Services Administration. Federal agencies continue to rely on many legacy IT systems, which are systems that are no longer supported by industry vendors, and this leads to additional maintenance or specialized knowledge to operate. Maintaining legacy IT systems are very costly and can delay crucial services and resources that Americans depend on.

Senator Hassan said, “The COVID-19 pandemic revealed just how many federal agencies are not equipped to offer digital services due to their use of expensive, outdated technology and paper-based data systems. For Granite Staters, this meant significant delays in delivery of stimulus checks and the inability to access emergency funding to support their small businesses.”

“I watched, just as all of us did, horrified that so much of the quick policy work and appropriation that was done by Congress wasn’t able to get to the people that needed it, because of outdated or not working technology systems, and likewise that cyber criminals were able to take advantage of that and steal money,” Ms. Carnahan said. Bottom line, we can’t implement government policy if we can’t make the damn websites work.”

Ms. Carnahan also stated that the federal government can incrementally improve IT systems in a way that’s smart for taxpayers. Senator Hassan agreed, saying that we need to make sure that “people understand that their government can work for them. They need to be able to get the same level of service from their government that they get from the private sector digitally.”

Senator Hassan has led efforts in the Senate to upgrade legacy IT systems in order to modernize government technology. Recently, the Senator led a hearing to discuss the costs of the federal government running outdated and inefficient information technology systems, as well as the barriers to modernizing those systems. During a Senate Finance Committee hearing, Senator Hassan also raised concerns from Granite Staters who have experienced delays in receiving pandemic-related relief, including Economic Impact Payments.