CISA Panel: Reflections on Digital Transformation and COVID-19

This post is also available in: 日本語 (Japanese)

On Sept. 23, I was honored to “virtually” join David Shive, CIO of the General Services Administration, and Jim Weaver, CIO of the State of Washington, at the U.S. Cybersecurity and Infrastructure Security Agency’s (CISA) 3rd Annual National Cybersecurity Summit, to discuss the digital transformations brought on by the COVID-19 pandemic.

David and Jim both provided tremendous insight from the front lines of federal and state technology and cybersecurity challenges. Our conversation focused on our respective organizations’ efforts – in the context of COVID-19, the examination of social and racial injustice, and the wildfires across the Western United States – to meet the needs of our workforce and the customers we serve, while contributing to the broader ecosystem.

Our session offered an opportunity to reflect on the early days of the pandemic in the U.S. and review the actions we took to support, almost overnight, an unprecedented shift to remote work. We discussed how our conception of critical infrastructure and essential services evolved, our collaboration with governments worldwide, and whether and how these changes to our digital world will have a lasting impact. Here are some highlights from the session:

• A rapid transition to secure remote work. In early March, Palo Alto Networks responded quickly. For our own workforce, we made the transition to nearly 100% remote, focused on the well-being of our teammates. And as a global team whose mission is enabling our customers to work securely no matter where they are, we were well-equipped with the tools, technologies and security to work safely from home. 

Our team also rallied to help organizations secure remote workers and provide expanded infrastructure security quickly. We assisted the largest federal agencies in the U.S. government in securing thousands of employees’ remote workstations, in one instance reworking Multi-Factor Authentication systems in less than a week to onboard several hundred new employees and upgrading key cloud-hosting infrastructure over a weekend. We assisted one state in securing 8,000 workers in 48 hours. And we partnered with a technology consortium serving 100,000 universities and K-12s in the U.S. to help campuses securely deliver remote learning to students at home. 

In many ways, COVID-19 simply accelerated network transformation trends that were already underway and will certainly continue in some form long after the pandemic recedes. It is now simply a strategic imperative to extend consistent security capabilities you deploy within your internal HQ network to all environments, regardless of where an employee connects.  

• Reimagining critical functions for a more resilient supply chain. The pandemic has shown the importance of broadening our field of vision on what constitutes essential services in times of crisis, and CISA’s National Critical Functions concept provided a successful foundation to build upon. One quick lesson was that “essential services” encompasses a variety of functions and activities throughout the supply chain. For every IT company developing critical technologies to enable remote work, for instance, a manufacturing partner was equally essential to supporting those technologies. In another example, small businesses several levels downstream of the national food supply chain were deemed “essential” and quickly realized that any disruption to their operations, including cyber-enabled disruptions, could have a cascading impact on national public safety and security. 

As we have noted previously, Palo Alto Networks is both a critical infrastructure company ourselves and a supplier to other critical infrastructure entities worldwide. Our collaboration with our government partners – at the federal, state, local and international levels – to identify, in real time, these expanded essential services helped us prioritize our own outreach and threat research, and ensure a more resilient supply chain for the pandemic response.

• Our strong commitment to government collaboration.  In addition to our collaboration on critical functions to ensure a more resilient supply chain, Palo Alto Networks supported our government partners in two additional ways. First, we collaborated on critical guidance for secure technology capabilities. We provided input to government standards and best practice guidelines, based on lessons learned across our 70,000 enterprise customers, on topics ranging from secure video conferencing capabilities to other remote workforce activities.

Second, we shared COVID-related threat indicators and collaborated on research priorities. As part of our global threat intelligence analysis efforts, the Unit 42 threat intelligence team is committed to partnering with governments, national cyber centers and CERTs/CSIRTs on preventing threats to the health care sector and other critical sectors involved in the COVID-19 response. Unit 42 identified more than 1.2 million new registered domain names containing keywords related to the coronavirus pandemic just in the first seven weeks of the crisis, of which at least 86,000 were malicious or risky – designed specifically to steal personal information or other data. Unit 42 also identified an increase in COVID-related phishing attempts, including ransomware against healthcare organizations and other critical infrastructure. We shared these findings quickly to ensure governments were prepared and informed.

I would like to thank CISA for convening this important summit, and my co-panelists both for their insights on the session and for their public service during this extraordinary time. I look forward to further collaboration on these critical topics.

Watch the video of our session, “CIO Panel – Challenges Overcome and Predicted.” You can also learn more about our commitment to the U.S. government’s cybersecurity mission.