President-elect Donald Trump's pick for Homeland Security chief wants to forge closer ties with the private sector in the cyber arena.
Gen. John F. Kelly (Ret.), a more than four-decade veteran of the Marine Corps, appeared this week before the Senate Homeland Security and Governmental Affairs Committee for his confirmation hearing, the second of Trump's appointees to begin that process.
In his testimony on cybersecurity, Kelly noted the challenges of keeping pace with an ever-evolving spate of threats from a variety of actors, and stressed the importance of the government coordinating its defense efforts and intelligence with the private-sector firms that could be targeted by attackers.
"The best thing we can do obviously is just outreach to everybody, whether it's power plants or other commercial interests," Kelly said.
"The problem," he added, is "it's constant, it's relentless, it's from nation-states, it's from mafia-type organizations and just from vandals."
In contrast to other Trump appointees, Kelly has faced relatively little preemptive criticism, and indeed received bipartisan praise at his hearing for his long and varied record of military service, most recently serving as commander of U.S. Southern Command.
As the secretary of Homeland Security, Kelly would take charge of a broad portfolio of government agencies and missions, including the Coast Guard, border security, immigration enforcement and much of the nation's non-military cybersecurity operations.
In what might be described as a friendly-fire session, at his confirmation hearing Kelly answered questions on a litany of those issues, including whether he accepted the assessment of the intelligence community that Russian hackers, acting at the direction of President Vladimir Putin, sought to interfere with the election with a clear preference for Trump's candidacy over rival Hillary Clinton.
"With high confidence," Kelly responded.
The next day, at his long-awaited Wednesday news conference, Trump himself acknowledged for the first time that he accepts the intelligence assessment on the attribution of the cyber intrusions into the Democratic National Committee and other targets involved with the election.
"As far as hacking, I think it was Russia," Trump said, though he went on to call out the massive breach of the Office of Personnel Management that was attributed to China and to suggest that Russia is hardly the only actor attacking sensitive U.S. systems.
Trump also called for his incoming intelligence chiefs to deliver a report on hacking and cyber defenses within three months, though in the same news conference he appeared once again to criticize the current intelligence regime for potentially leaking information about classified meetings with the president-elect.
Kelly touts public-private sector engagement as DHS approach to cyberthreats
Kelly, meantime, indicated that that he would come to DHS with a respect for the mounting sophistication of the United States' adversaries in the cyber realm, a development that has come into painful focus with the attacks of foreign adversaries, Russia's election hacking being only the most recent example.
"Three, four, five years ago we talked about [how] the United States would not have a peer competitor in cyber for 20 years or 25 years," Kelly said. "Now we know that we have some pretty darn close to peer competitors."
Kelly praised outgoing Defense Secretary Ash Carter's outreach to the private sector --particularly Silicon Valley -- at the outset of his tenure leading the Pentagon, holding up that program of public-private engagement as a model for how DHS might approach cyberthreats under his leadership.
"There's unbelievable ... talent out there in the civilian sector, and I think at this point in time everyone realizes that it's in everyone's interest -- whether it's personal security or corporate security, certainly U.S. security -- everyone realizes, I think, that working together makes an awful lot of sense," he said. "More cooperation amongst the private sector and the federal sector, the state sector -- I think that would go a long way."
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.