Chris Krebs Cybersecurity Report

CHRISTOPHER KREBS, FORMER DIRECTOR, CYBERSECURITY AND INFRASTRUCTURE SECURITY AGENCY: I do. I think that executive order, released about a month or so ago, was actually prompted by some of the espionage-based attacks that happened earlier in the year and even at the tail end of the Trump administration. But there will be cascading effects, because the products, the software products and services that the federal government buys are the exact same products and services that our critical infrastructure owners and operators buy and deploy. So, those requirements that will be leveraged by the purchasing power of the federal government will have a cascading effect over the private sector.

GOLODRYGA: And we saw why this is a national security threat, given what happened with the Colonial Pipeline shutdown and that cybersecurity hack there. When you look, however, at what even the CEO has been testifying before lawmakers, he said today: “We have rebuilt and restored our critical I.T. systems and are continuing to enhance our safeguards. But we are not yet where I want us to be.” Does that alarm you?

KREBS: It’s perhaps alarming, but, at the same time, not necessarily unexpected. I would probably take it up a few levels above the Colonial issue and just think more broadly about our critical infrastructure, businesses in this country. Every single chief executive, every single leadership team needs to be watching these hearings and saying, how am I going to improve my organization cybersecurity posture.