Secretary of Homeland Security Kirstjen Nielsen signaled that her newly minted cybersecurity agency would shift its focus to a number of longer term initiatives, such as mapping out national critical functions across different critical infrastructure sectors and changing culture and practices in global supply chain operations and procurement.
Speaking at a Nov. 16 U.S. Chamber of Commerce event just hours after President Donald Trump signed the Cybersecurity and Infrastructure Security Agency Act, Nielsen outlined four major shifts in the threat landscape that will require government and industry to rethink risk management practices: the deliberate targeting of critical infrastructure by nation states; the ability of cyberattacks like NotPetya to affect and disrupt different sectors and cause cascading damage, a tendency to view risk management through the lens of assets and organizations instead of critical functions and a recognition that resilience, not preventing an attack or breach, should guide organizational decision-making.
