According to Christopher Roberti, senior vice president of cyber, intelligence and supply chain security policy for the U.S. Chamber of Commerce, it is “really important that we, as a nation, comprehensively tackle the issues of cybersecurity.”
“We have to really put in the time now, and put in the planning about the devious things our adversaries are going to come after and defend against them, and do it in a way that’s broader than the five or six major exercises that happen each year,” Roberti said.
Speaking as part of a panel during the 2021 AFPM Annual Meeting, Roberti emphasized the need for increased incident reporting and breach reporting.
“We recognize that particularly after SolarWinds – a highly sophisticated cyberattack perpetrated on an American software company in late 2020 – and the Microsoft Exchange Server operations that there’s a greater calling on both sides of the [political] aisle for increased reporting,” he said, adding that a data breach may be “a little easier to tackle.”
A “federal law with preemption” that prosecutes cybercrime is Roberti’s legislative preference to address cyber threats.
“We don’t want to see 30 or 50 or 20 conflicting state schemas,” he said. “We’re engaging with several members of Congress [to determine] the right balance on data breaches, [including] what kind of protections we are going to see in terms of liability and how the information will be held confidential.”
Will Hurd, a former U.S. representative for the state of Texas and former CIA officer, said that throughout his 20 years of being associated with national security apparatuses, there has been considerable discussion about “black swans.”
“These are unique events that are unlikely to happen,” Hurd said. “But the only thing I’ve ever heard about black swans is they actually happen, especially when it comes to cybersecurity. We have to be prepared for those crazy events because they’re going to happen.”