This post is also available in: 日本語 (Japanese)
On Sept. 23, I was honored to “virtually” join David Shive, CIO of the General Services Administration, and Jim Weaver, CIO of the State of Washington, at the U.S. Cybersecurity and Infrastructure Security Agency’s (CISA) 3rd Annual National Cybersecurity Summit, to discuss the digital transformations brought on by the COVID-19 pandemic.
David and Jim both provided tremendous insight from the front lines of federal and state technology and cybersecurity challenges. Our conversation focused on our respective organizations’ efforts – in the context of COVID-19, the examination of social and racial injustice, and the wildfires across the Western United States – to meet the needs of our workforce and the customers we serve, while contributing to the broader ecosystem.
Our session offered an opportunity to reflect on the early days of the pandemic in the U.S. and review the actions we took to support, almost overnight, an unprecedented shift to remote work. We discussed how our conception of critical infrastructure and essential services evolved, our collaboration with governments worldwide, and whether and how these changes to our digital world will have a lasting impact. Here are some highlights from the session:
Our team also rallied to help organizations secure remote workers and provide expanded infrastructure security quickly. We assisted the largest federal agencies in the U.S. government in securing thousands of employees’ remote workstations, in one instance reworking Multi-Factor Authentication systems in less than a week to onboard several hundred new employees and upgrading key cloud-hosting infrastructure over a weekend. We assisted one state in securing 8,000 workers in 48 hours. And we partnered with a technology consortium serving 100,000 universities and K-12s in the U.S. to help campuses securely deliver remote learning to students at home.
In many ways, COVID-19 simply accelerated network transformation trends that were already underway and will certainly continue in some form long after the pandemic recedes. It is now simply a strategic imperative to extend consistent security capabilities you deploy within your internal HQ network to all environments, regardless of where an employee connects.
As we have noted previously, Palo Alto Networks is both a critical infrastructure company ourselves and a supplier to other critical infrastructure entities worldwide. Our collaboration with our government partners – at the federal, state, local and international levels – to identify, in real time, these expanded essential services helped us prioritize our own outreach and threat research, and ensure a more resilient supply chain for the pandemic response.
Second, we shared COVID-related threat indicators and collaborated on research priorities. As part of our global threat intelligence analysis efforts, the Unit 42 threat intelligence team is committed to partnering with governments, national cyber centers and CERTs/CSIRTs on preventing threats to the health care sector and other critical sectors involved in the COVID-19 response. Unit 42 identified more than 1.2 million new registered domain names containing keywords related to the coronavirus pandemic just in the first seven weeks of the crisis, of which at least 86,000 were malicious or risky – designed specifically to steal personal information or other data. Unit 42 also identified an increase in COVID-related phishing attempts, including ransomware against healthcare organizations and other critical infrastructure. We shared these findings quickly to ensure governments were prepared and informed.
I would like to thank CISA for convening this important summit, and my co-panelists both for their insights on the session and for their public service during this extraordinary time. I look forward to further collaboration on these critical topics.
Watch the video of our session, “CIO Panel – Challenges Overcome and Predicted.” You can also learn more about our commitment to the U.S. government’s cybersecurity mission.
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.